
PC virus removal, computer speed-up, remote help via the neslape.cz service
Requesting a preventive log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Requesting a preventive log check
Logfile of random's system information tool 1.08 (written by random/random)
Run by meny at 2011-06-08 12:58:07
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 64 GB (64%) free of 100 GB
Total RAM: 2047 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:58:38, on 8.6.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\F-Secure\common\FSM32.EXE
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\CrystalDiskInfo\DiskInfo.exe
C:\Users\meny\Desktop\Virus Removal Tool\setup_9.0.0.722_08.06.2011_12-54\setup_9.0.0.722_08.06.2011_12-54.exe
C:\Users\meny\Desktop\RSIT.exe
C:\Program Files\trend micro\meny.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-853249028-1450227292-2706819573-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-853249028-1450227292-2706819573-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: setup_9.0.0.722_08.06.2011_12-54.lnk = C:\Users\meny\Desktop\Virus Removal Tool\setup_9.0.0.722_08.06.2011_12-54\startup.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: Služba F-Secure Network Request Broker (F-Secure Network Request Broker) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 8982 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GlaryInitialize.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2011-01-19 1175152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2008-09-10 182936]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2008-09-10 1182304]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-01-19 489584]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Advanced SystemCare 4"=C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [2011-05-28 412560]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-05-14 399736]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-02-22 26101032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
C:\Users\meny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
setup_9.0.0.722_08.06.2011_12-54.lnk - C:\Users\meny\Desktop\Virus Removal Tool\setup_9.0.0.722_08.06.2011_12-54\startup.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-06-08 12:58:09 ----D---- C:\Program Files\trend micro
2011-06-08 12:58:07 ----D---- C:\rsit
2011-06-08 12:12:17 ----D---- C:\ProgramData\Kaspersky Lab
2011-06-08 12:09:36 ----A---- C:\Windows\system32\drivers\95694442.sys
2011-06-08 12:09:36 ----A---- C:\Windows\system32\drivers\95694441.sys
2011-06-08 12:09:36 ----A---- C:\Windows\system32\drivers\9569444.sys
2011-06-08 09:57:45 ----D---- C:\Program Files\Common Files\Skype
2011-06-08 09:57:44 ----RD---- C:\Program Files\Skype
2011-06-07 17:20:38 ----D---- C:\ProgramData\AutoKMS
2011-06-07 17:18:23 ----A---- C:\Windows\AutoKMS.exe
2011-06-07 16:54:02 ----D---- C:\Program Files\Microsoft Synchronization Services
2011-06-07 16:53:57 ----D---- C:\Program Files\Common Files\DESIGNER
2011-06-07 16:53:05 ----D---- C:\Windows\PCHEALTH
2011-06-07 16:53:05 ----D---- C:\Program Files\Microsoft Sync Framework
2011-06-07 16:53:05 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2011-06-07 16:51:40 ----D---- C:\Program Files\Microsoft Visual Studio 8
2011-06-07 16:50:15 ----D---- C:\Program Files\Microsoft Analysis Services
2011-06-07 16:48:07 ----RHD---- C:\MSOCache
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGACheckControl.dll.bak
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGACheckControl.dll
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGAAddin.dll.bak
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGAAddin.dll
2011-06-04 18:44:58 ----D---- C:\Program Files\PhotoFiltre
2011-06-02 16:49:59 ----D---- C:\Program Files\Movie Maker 2.6
2011-05-31 16:15:09 ----D---- C:\Program Files\Reference Assemblies
2011-05-31 14:44:40 ----D---- C:\ProgramData\NCH Software
2011-05-31 14:44:13 ----D---- C:\Program Files\NCH Software
2011-05-31 14:42:19 ----D---- C:\Users\meny\AppData\Roaming\NCH Software
2011-05-31 10:54:29 ----D---- C:\Program Files\CrystalDiskInfo
2011-05-25 22:23:13 ----D---- C:\Program Files\Microsoft Silverlight
2011-05-25 08:31:08 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-24 22:05:38 ----A---- C:\Windows\amcap.exe
2011-05-24 09:02:16 ----A---- C:\Windows\system32\poqexec.exe
2011-05-21 17:40:00 ----D---- C:\Users\meny\AppData\Roaming\IDM
2011-05-21 17:39:58 ----D---- C:\Users\meny\AppData\Roaming\DMCache
2011-05-21 17:39:46 ----D---- C:\Program Files\Internet Download Manager
2011-05-18 23:44:33 ----RASH---- C:\MSDOS.SYS
2011-05-18 23:44:33 ----RASH---- C:\IO.SYS
2011-05-16 20:14:12 ----D---- C:\Users\meny\AppData\Roaming\VitySoft
2011-05-14 19:36:18 ----D---- C:\Program Files\uTorrentBar
2011-05-14 19:35:58 ----D---- C:\Program Files\uTorrent
2011-05-14 19:32:53 ----D---- C:\Users\meny\AppData\Roaming\uTorrent
2011-05-13 00:26:22 ----D---- C:\Program Files\Glary Utilities
2011-05-12 17:34:04 ----D---- C:\Program Files\TeamViewer
2011-05-12 16:42:18 ----D---- C:\Users\meny\AppData\Roaming\GlarySoft
2011-05-11 09:41:39 ----D---- C:\Users\meny\AppData\Roaming\Opera
2011-05-11 09:41:35 ----D---- C:\Program Files\Opera
2011-05-11 09:07:12 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-11 09:07:11 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-11 09:07:11 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-11 09:07:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-05-11 09:06:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-09 18:43:02 ----D---- C:\Users\meny\AppData\Roaming\Ashampoo
2011-05-09 18:41:47 ----D---- C:\ProgramData\ashampoo
2011-05-09 18:41:28 ----D---- C:\Program Files\Ashampoo
======List of files/folders modified in the last 1 months======
2011-06-08 12:58:14 ----D---- C:\Windows\Temp
2011-06-08 12:58:09 ----RD---- C:\Program Files
2011-06-08 12:57:55 ----D---- C:\Users\meny\AppData\Roaming\Skype
2011-06-08 12:12:23 ----SHD---- C:\System Volume Information
2011-06-08 12:12:17 ----HD---- C:\ProgramData
2011-06-08 12:09:44 ----D---- C:\Windows\system32\drivers
2011-06-08 11:03:33 ----D---- C:\Program Files\F-Secure
2011-06-08 09:57:51 ----SHD---- C:\Windows\Installer
2011-06-08 09:57:50 ----D---- C:\Windows\system32\Tasks
2011-06-08 09:57:45 ----D---- C:\Program Files\Common Files
2011-06-08 09:57:43 ----D---- C:\ProgramData\Skype
2011-06-08 09:23:24 ----D---- C:\Windows\system32\config
2011-06-08 09:13:09 ----D---- C:\ProgramData\Microsoft Help
2011-06-08 09:06:44 ----D---- C:\Users\meny\AppData\Roaming\skypePM
2011-06-07 17:51:55 ----D---- C:\Windows\Microsoft.NET
2011-06-07 17:28:07 ----D---- C:\Windows
2011-06-07 17:26:10 ----SD---- C:\ProgramData\Microsoft
2011-06-07 17:19:56 ----D---- C:\Program Files\Microsoft Office
2011-06-07 17:07:17 ----RSD---- C:\Windows\assembly
2011-06-07 17:00:11 ----D---- C:\Windows\winsxs
2011-06-07 16:55:35 ----D---- C:\Windows\System32
2011-06-07 16:55:28 ----RSD---- C:\Windows\Fonts
2011-06-07 16:55:16 ----D---- C:\Windows\ShellNew
2011-06-07 16:55:13 ----D---- C:\Program Files\Common Files\microsoft shared
2011-06-07 16:54:54 ----D---- C:\Program Files\MSBuild
2011-06-07 16:53:05 ----D---- C:\Program Files\Microsoft.NET
2011-06-07 16:50:59 ----A---- C:\Windows\win.ini
2011-06-07 16:50:49 ----D---- C:\Program Files\Common Files\System
2011-06-07 13:39:42 ----D---- C:\Program Files\Mozilla Firefox
2011-06-07 11:11:18 ----D---- C:\Windows\system32\drivers\etc
2011-06-07 09:16:16 ----D---- C:\Windows\system32\catroot2
2011-06-06 15:32:26 ----D---- C:\Windows\Prefetch
2011-06-03 13:45:23 ----D---- C:\Users\meny\AppData\Roaming\IObit
2011-06-03 13:44:55 ----D---- C:\Program Files\IObit
2011-05-31 16:14:12 ----D---- C:\Program Files\WinRAR
2011-05-31 16:13:50 ----D---- C:\Program Files\RocketDock
2011-05-31 16:13:01 ----D---- C:\Program Files\Seznam.cz
2011-05-28 17:13:23 ----A---- C:\Windows\WorldTimeClock.ini
2011-05-27 10:44:16 ----D---- C:\Users\meny\AppData\Roaming\Media Player Classic
2011-05-26 20:41:24 ----D---- C:\Program Files\Windows Media Player
2011-05-25 08:30:37 ----D---- C:\Windows\system32\catroot
2011-05-24 22:11:33 ----D---- C:\Windows\twain_32
2011-05-24 22:11:33 ----D---- C:\Windows\inf
2011-05-24 22:06:10 ----D---- C:\Windows\system32\DriverStore
2011-05-24 22:05:21 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-21 14:46:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-15 23:59:29 ----D---- C:\Users\meny\AppData\Roaming\Ahead
2011-05-15 10:07:52 ----SD---- C:\Users\meny\AppData\Roaming\Microsoft
2011-05-14 21:29:56 ----D---- C:\Windows\system32\appmgmt
2011-05-13 11:27:54 ----D---- C:\Windows\debug
2011-05-13 00:26:34 ----D---- C:\Windows\Tasks
2011-05-11 16:20:49 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 95694442;95694442 Boot Guard Driver; C:\Windows\system32\DRIVERS\95694442.sys [2009-10-22 37392]
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2011-04-28 42664]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 95694441;95694441; C:\Windows\system32\DRIVERS\95694441.sys [2009-09-25 128016]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys [2008-09-10 66720]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2008-09-10 35552]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2008-09-10 70944]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys [2008-09-10 12384]
R1 setup_9.0.0.722_08.06.2011_12-54drv;setup_9.0.0.722_08.06.2011_12-54drv; C:\Windows\system32\DRIVERS\9569444.sys [2009-10-09 311312]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-04-28 124072]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-01-21 328808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2008-09-10 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2008-09-10 25184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2008-09-10 215648]
R2 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\Common\FSMA32.EXE [2008-09-10 117400]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-29 1021256]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\F-Secure\FSAUA\program\fsaua.exe [2008-09-10 490080]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2008-09-10 510560]
R3 F-Secure Network Request Broker;Služba F-Secure Network Request Broker; C:\Program Files\F-Secure\Common\FNRB32.EXE [2008-09-10 162456]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2008-09-10 55904]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-04-27 435016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-28 1343400]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: Služba F-Secure Network Request Broker (F-Secure Network Request Broker) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 8982 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GlaryInitialize.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2011-01-19 1175152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2008-09-10 182936]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2008-09-10 1182304]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-01-19 489584]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Advanced SystemCare 4"=C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [2011-05-28 412560]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-05-14 399736]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-02-22 26101032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
C:\Users\meny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
setup_9.0.0.722_08.06.2011_12-54.lnk - C:\Users\meny\Desktop\Virus Removal Tool\setup_9.0.0.722_08.06.2011_12-54\startup.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-06-08 12:58:09 ----D---- C:\Program Files\trend micro
2011-06-08 12:58:07 ----D---- C:\rsit
2011-06-08 12:12:17 ----D---- C:\ProgramData\Kaspersky Lab
2011-06-08 12:09:36 ----A---- C:\Windows\system32\drivers\95694442.sys
2011-06-08 12:09:36 ----A---- C:\Windows\system32\drivers\95694441.sys
2011-06-08 12:09:36 ----A---- C:\Windows\system32\drivers\9569444.sys
2011-06-08 09:57:45 ----D---- C:\Program Files\Common Files\Skype
2011-06-08 09:57:44 ----RD---- C:\Program Files\Skype
2011-06-07 17:20:38 ----D---- C:\ProgramData\AutoKMS
2011-06-07 17:18:23 ----A---- C:\Windows\AutoKMS.exe
2011-06-07 16:54:02 ----D---- C:\Program Files\Microsoft Synchronization Services
2011-06-07 16:53:57 ----D---- C:\Program Files\Common Files\DESIGNER
2011-06-07 16:53:05 ----D---- C:\Windows\PCHEALTH
2011-06-07 16:53:05 ----D---- C:\Program Files\Microsoft Sync Framework
2011-06-07 16:53:05 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2011-06-07 16:51:40 ----D---- C:\Program Files\Microsoft Visual Studio 8
2011-06-07 16:50:15 ----D---- C:\Program Files\Microsoft Analysis Services
2011-06-07 16:48:07 ----RHD---- C:\MSOCache
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGACheckControl.dll.bak
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGACheckControl.dll
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGAAddin.dll.bak
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGAAddin.dll
2011-06-04 18:44:58 ----D---- C:\Program Files\PhotoFiltre
2011-06-02 16:49:59 ----D---- C:\Program Files\Movie Maker 2.6
2011-05-31 16:15:09 ----D---- C:\Program Files\Reference Assemblies
2011-05-31 14:44:40 ----D---- C:\ProgramData\NCH Software
2011-05-31 14:44:13 ----D---- C:\Program Files\NCH Software
2011-05-31 14:42:19 ----D---- C:\Users\meny\AppData\Roaming\NCH Software
2011-05-31 10:54:29 ----D---- C:\Program Files\CrystalDiskInfo
2011-05-25 22:23:13 ----D---- C:\Program Files\Microsoft Silverlight
2011-05-25 08:31:08 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-24 22:05:38 ----A---- C:\Windows\amcap.exe
2011-05-24 09:02:16 ----A---- C:\Windows\system32\poqexec.exe
2011-05-21 17:40:00 ----D---- C:\Users\meny\AppData\Roaming\IDM
2011-05-21 17:39:58 ----D---- C:\Users\meny\AppData\Roaming\DMCache
2011-05-21 17:39:46 ----D---- C:\Program Files\Internet Download Manager
2011-05-18 23:44:33 ----RASH---- C:\MSDOS.SYS
2011-05-18 23:44:33 ----RASH---- C:\IO.SYS
2011-05-16 20:14:12 ----D---- C:\Users\meny\AppData\Roaming\VitySoft
2011-05-14 19:36:18 ----D---- C:\Program Files\uTorrentBar
2011-05-14 19:35:58 ----D---- C:\Program Files\uTorrent
2011-05-14 19:32:53 ----D---- C:\Users\meny\AppData\Roaming\uTorrent
2011-05-13 00:26:22 ----D---- C:\Program Files\Glary Utilities
2011-05-12 17:34:04 ----D---- C:\Program Files\TeamViewer
2011-05-12 16:42:18 ----D---- C:\Users\meny\AppData\Roaming\GlarySoft
2011-05-11 09:41:39 ----D---- C:\Users\meny\AppData\Roaming\Opera
2011-05-11 09:41:35 ----D---- C:\Program Files\Opera
2011-05-11 09:07:12 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-11 09:07:11 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-11 09:07:11 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-11 09:07:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-05-11 09:06:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-09 18:43:02 ----D---- C:\Users\meny\AppData\Roaming\Ashampoo
2011-05-09 18:41:47 ----D---- C:\ProgramData\ashampoo
2011-05-09 18:41:28 ----D---- C:\Program Files\Ashampoo
======List of files/folders modified in the last 1 months======
2011-06-08 12:58:14 ----D---- C:\Windows\Temp
2011-06-08 12:58:09 ----RD---- C:\Program Files
2011-06-08 12:57:55 ----D---- C:\Users\meny\AppData\Roaming\Skype
2011-06-08 12:12:23 ----SHD---- C:\System Volume Information
2011-06-08 12:12:17 ----HD---- C:\ProgramData
2011-06-08 12:09:44 ----D---- C:\Windows\system32\drivers
2011-06-08 11:03:33 ----D---- C:\Program Files\F-Secure
2011-06-08 09:57:51 ----SHD---- C:\Windows\Installer
2011-06-08 09:57:50 ----D---- C:\Windows\system32\Tasks
2011-06-08 09:57:45 ----D---- C:\Program Files\Common Files
2011-06-08 09:57:43 ----D---- C:\ProgramData\Skype
2011-06-08 09:23:24 ----D---- C:\Windows\system32\config
2011-06-08 09:13:09 ----D---- C:\ProgramData\Microsoft Help
2011-06-08 09:06:44 ----D---- C:\Users\meny\AppData\Roaming\skypePM
2011-06-07 17:51:55 ----D---- C:\Windows\Microsoft.NET
2011-06-07 17:28:07 ----D---- C:\Windows
2011-06-07 17:26:10 ----SD---- C:\ProgramData\Microsoft
2011-06-07 17:19:56 ----D---- C:\Program Files\Microsoft Office
2011-06-07 17:07:17 ----RSD---- C:\Windows\assembly
2011-06-07 17:00:11 ----D---- C:\Windows\winsxs
2011-06-07 16:55:35 ----D---- C:\Windows\System32
2011-06-07 16:55:28 ----RSD---- C:\Windows\Fonts
2011-06-07 16:55:16 ----D---- C:\Windows\ShellNew
2011-06-07 16:55:13 ----D---- C:\Program Files\Common Files\microsoft shared
2011-06-07 16:54:54 ----D---- C:\Program Files\MSBuild
2011-06-07 16:53:05 ----D---- C:\Program Files\Microsoft.NET
2011-06-07 16:50:59 ----A---- C:\Windows\win.ini
2011-06-07 16:50:49 ----D---- C:\Program Files\Common Files\System
2011-06-07 13:39:42 ----D---- C:\Program Files\Mozilla Firefox
2011-06-07 11:11:18 ----D---- C:\Windows\system32\drivers\etc
2011-06-07 09:16:16 ----D---- C:\Windows\system32\catroot2
2011-06-06 15:32:26 ----D---- C:\Windows\Prefetch
2011-06-03 13:45:23 ----D---- C:\Users\meny\AppData\Roaming\IObit
2011-06-03 13:44:55 ----D---- C:\Program Files\IObit
2011-05-31 16:14:12 ----D---- C:\Program Files\WinRAR
2011-05-31 16:13:50 ----D---- C:\Program Files\RocketDock
2011-05-31 16:13:01 ----D---- C:\Program Files\Seznam.cz
2011-05-28 17:13:23 ----A---- C:\Windows\WorldTimeClock.ini
2011-05-27 10:44:16 ----D---- C:\Users\meny\AppData\Roaming\Media Player Classic
2011-05-26 20:41:24 ----D---- C:\Program Files\Windows Media Player
2011-05-25 08:30:37 ----D---- C:\Windows\system32\catroot
2011-05-24 22:11:33 ----D---- C:\Windows\twain_32
2011-05-24 22:11:33 ----D---- C:\Windows\inf
2011-05-24 22:06:10 ----D---- C:\Windows\system32\DriverStore
2011-05-24 22:05:21 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-21 14:46:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-15 23:59:29 ----D---- C:\Users\meny\AppData\Roaming\Ahead
2011-05-15 10:07:52 ----SD---- C:\Users\meny\AppData\Roaming\Microsoft
2011-05-14 21:29:56 ----D---- C:\Windows\system32\appmgmt
2011-05-13 11:27:54 ----D---- C:\Windows\debug
2011-05-13 00:26:34 ----D---- C:\Windows\Tasks
2011-05-11 16:20:49 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 95694442;95694442 Boot Guard Driver; C:\Windows\system32\DRIVERS\95694442.sys [2009-10-22 37392]
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2011-04-28 42664]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 95694441;95694441; C:\Windows\system32\DRIVERS\95694441.sys [2009-09-25 128016]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys [2008-09-10 66720]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2008-09-10 35552]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2008-09-10 70944]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys [2008-09-10 12384]
R1 setup_9.0.0.722_08.06.2011_12-54drv;setup_9.0.0.722_08.06.2011_12-54drv; C:\Windows\system32\DRIVERS\9569444.sys [2009-10-09 311312]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-04-28 124072]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-01-21 328808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2008-09-10 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2008-09-10 25184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2008-09-10 215648]
R2 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\Common\FSMA32.EXE [2008-09-10 117400]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-29 1021256]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\F-Secure\FSAUA\program\fsaua.exe [2008-09-10 490080]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2008-09-10 510560]
R3 F-Secure Network Request Broker;Služba F-Secure Network Request Broker; C:\Program Files\F-Secure\Common\FNRB32.EXE [2008-09-10 162456]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2008-09-10 55904]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-04-27 435016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-28 1343400]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: Request for a preventive log check
Hello
We will uninstall all unnecessary toolbars + everything from IObit
I also see Glary
that goes too... these utilities only do harm
we will replace them with something else
Check this file on VIRUSTOTAL
post the second log, info.txt, which you will find in C:\RSIT\
What are we going to do about the illegal Office?
We will download the CKScanner program
- we click "Browse" and just copy the following into the "File name" input field (if that does not work, we locate the file manually):
C:\Windows\system32\drivers\95694442.sys C:\Windows\system32\drivers\95694441.sys C:\Windows\system32\drivers\9569444.sys
- we submit the file by clicking "Send file" (if it has already been tested, have it tested again - Reanalyse)
- Wait patiently for the scan to finish, until the final result appears, e.g. 0/41
- Copy the resulting log into the forum, or the link to the page from the address bar.
- We run the downloaded program CKScanner.exe
- We click the Search for files button and wait
- When it finishes, a log is shown; we click Save List to File
- In the same location as the CKScanner.exe program we will find the file ckfiles.txt
- We open the file ckfiles.txt and paste its contents here on the forum
Write to me: chodnik74@gmail.com
Read the procedure through several times and, if anything is unclear or in doubt, ask.
If your computer is infected or is not behaving as usual, back up all your data and follow the adviser's instructions carefully!
Do not use the Combofix utility without the supervision and recommendation of an adviser!
Re: Request for a preventive log check
2 VT Community user(s) with a total of 2 reputation credit(s) say(s) this sample is goodware. 2 VT Community user(s) with a total of 2 reputation credit(s) say(s) this sample is malware.
File name:
95694442.sys
Submission date:
2011-06-08 11:26:28 (UTC)
Current status:
finished
Result:
0/ 42 (0.0%)
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name:
95694441.sys
Submission date:
2011-06-08 11:34:06 (UTC)
Current status:
finished
Result:
0/ 42 (0.0%)
user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name:
9569444.sys
Submission date:
2011-06-08 11:36:42 (UTC)
Current status:
finished
Result:
0/ 42 (0.0%)
Logfile of random's system information tool 1.08 (written by random/random)
Run by meny at 2011-06-08 12:58:07
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 64 GB (64%) free of 100 GB
Total RAM: 2047 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:58:38, on 8.6.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\F-Secure\common\FSM32.EXE
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\CrystalDiskInfo\DiskInfo.exe
C:\Users\meny\Desktop\Virus Removal Tool\setup_9.0.0.722_08.06.2011_12-54\setup_9.0.0.722_08.06.2011_12-54.exe
C:\Users\meny\Desktop\RSIT.exe
C:\Program Files\trend micro\meny.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-853249028-1450227292-2706819573-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-853249028-1450227292-2706819573-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: setup_9.0.0.722_08.06.2011_12-54.lnk = C:\Users\meny\Desktop\Virus Removal Tool\setup_9.0.0.722_08.06.2011_12-54\startup.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: Služba F-Secure Network Request Broker (F-Secure Network Request Broker) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 8982 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GlaryInitialize.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2011-01-19 1175152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2008-09-10 182936]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2008-09-10 1182304]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-01-19 489584]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Advanced SystemCare 4"=C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [2011-05-28 412560]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-05-14 399736]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-02-22 26101032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
C:\Users\meny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
setup_9.0.0.722_08.06.2011_12-54.lnk - C:\Users\meny\Desktop\Virus Removal Tool\setup_9.0.0.722_08.06.2011_12-54\startup.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-06-08 12:58:09 ----D---- C:\Program Files\trend micro
2011-06-08 12:58:07 ----D---- C:\rsit
2011-06-08 12:12:17 ----D---- C:\ProgramData\Kaspersky Lab
2011-06-08 12:09:36 ----A---- C:\Windows\system32\drivers\95694442.sys
2011-06-08 12:09:36 ----A---- C:\Windows\system32\drivers\95694441.sys
2011-06-08 12:09:36 ----A---- C:\Windows\system32\drivers\9569444.sys
2011-06-08 09:57:45 ----D---- C:\Program Files\Common Files\Skype
2011-06-08 09:57:44 ----RD---- C:\Program Files\Skype
2011-06-07 17:20:38 ----D---- C:\ProgramData\AutoKMS
2011-06-07 17:18:23 ----A---- C:\Windows\AutoKMS.exe
2011-06-07 16:54:02 ----D---- C:\Program Files\Microsoft Synchronization Services
2011-06-07 16:53:57 ----D---- C:\Program Files\Common Files\DESIGNER
2011-06-07 16:53:05 ----D---- C:\Windows\PCHEALTH
2011-06-07 16:53:05 ----D---- C:\Program Files\Microsoft Sync Framework
2011-06-07 16:53:05 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2011-06-07 16:51:40 ----D---- C:\Program Files\Microsoft Visual Studio 8
2011-06-07 16:50:15 ----D---- C:\Program Files\Microsoft Analysis Services
2011-06-07 16:48:07 ----RHD---- C:\MSOCache
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGACheckControl.dll.bak
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGACheckControl.dll
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGAAddin.dll.bak
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGAAddin.dll
2011-06-04 18:44:58 ----D---- C:\Program Files\PhotoFiltre
2011-06-02 16:49:59 ----D---- C:\Program Files\Movie Maker 2.6
2011-05-31 16:15:09 ----D---- C:\Program Files\Reference Assemblies
2011-05-31 14:44:40 ----D---- C:\ProgramData\NCH Software
2011-05-31 14:44:13 ----D---- C:\Program Files\NCH Software
2011-05-31 14:42:19 ----D---- C:\Users\meny\AppData\Roaming\NCH Software
2011-05-31 10:54:29 ----D---- C:\Program Files\CrystalDiskInfo
2011-05-25 22:23:13 ----D---- C:\Program Files\Microsoft Silverlight
2011-05-25 08:31:08 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-24 22:05:38 ----A---- C:\Windows\amcap.exe
2011-05-24 09:02:16 ----A---- C:\Windows\system32\poqexec.exe
2011-05-21 17:40:00 ----D---- C:\Users\meny\AppData\Roaming\IDM
2011-05-21 17:39:58 ----D---- C:\Users\meny\AppData\Roaming\DMCache
2011-05-21 17:39:46 ----D---- C:\Program Files\Internet Download Manager
2011-05-18 23:44:33 ----RASH---- C:\MSDOS.SYS
2011-05-18 23:44:33 ----RASH---- C:\IO.SYS
2011-05-16 20:14:12 ----D---- C:\Users\meny\AppData\Roaming\VitySoft
2011-05-14 19:36:18 ----D---- C:\Program Files\uTorrentBar
2011-05-14 19:35:58 ----D---- C:\Program Files\uTorrent
2011-05-14 19:32:53 ----D---- C:\Users\meny\AppData\Roaming\uTorrent
2011-05-13 00:26:22 ----D---- C:\Program Files\Glary Utilities
2011-05-12 17:34:04 ----D---- C:\Program Files\TeamViewer
2011-05-12 16:42:18 ----D---- C:\Users\meny\AppData\Roaming\GlarySoft
2011-05-11 09:41:39 ----D---- C:\Users\meny\AppData\Roaming\Opera
2011-05-11 09:41:35 ----D---- C:\Program Files\Opera
2011-05-11 09:07:12 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-11 09:07:11 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-11 09:07:11 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-11 09:07:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-05-11 09:06:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-09 18:43:02 ----D---- C:\Users\meny\AppData\Roaming\Ashampoo
2011-05-09 18:41:47 ----D---- C:\ProgramData\ashampoo
2011-05-09 18:41:28 ----D---- C:\Program Files\Ashampoo
======List of files/folders modified in the last 1 months======
2011-06-08 12:58:14 ----D---- C:\Windows\Temp
2011-06-08 12:58:09 ----RD---- C:\Program Files
2011-06-08 12:57:55 ----D---- C:\Users\meny\AppData\Roaming\Skype
2011-06-08 12:12:23 ----SHD---- C:\System Volume Information
2011-06-08 12:12:17 ----HD---- C:\ProgramData
2011-06-08 12:09:44 ----D---- C:\Windows\system32\drivers
2011-06-08 11:03:33 ----D---- C:\Program Files\F-Secure
2011-06-08 09:57:51 ----SHD---- C:\Windows\Installer
2011-06-08 09:57:50 ----D---- C:\Windows\system32\Tasks
2011-06-08 09:57:45 ----D---- C:\Program Files\Common Files
2011-06-08 09:57:43 ----D---- C:\ProgramData\Skype
2011-06-08 09:23:24 ----D---- C:\Windows\system32\config
2011-06-08 09:13:09 ----D---- C:\ProgramData\Microsoft Help
2011-06-08 09:06:44 ----D---- C:\Users\meny\AppData\Roaming\skypePM
2011-06-07 17:51:55 ----D---- C:\Windows\Microsoft.NET
2011-06-07 17:28:07 ----D---- C:\Windows
2011-06-07 17:26:10 ----SD---- C:\ProgramData\Microsoft
2011-06-07 17:19:56 ----D---- C:\Program Files\Microsoft Office
2011-06-07 17:07:17 ----RSD---- C:\Windows\assembly
2011-06-07 17:00:11 ----D---- C:\Windows\winsxs
2011-06-07 16:55:35 ----D---- C:\Windows\System32
2011-06-07 16:55:28 ----RSD---- C:\Windows\Fonts
2011-06-07 16:55:16 ----D---- C:\Windows\ShellNew
2011-06-07 16:55:13 ----D---- C:\Program Files\Common Files\microsoft shared
2011-06-07 16:54:54 ----D---- C:\Program Files\MSBuild
2011-06-07 16:53:05 ----D---- C:\Program Files\Microsoft.NET
2011-06-07 16:50:59 ----A---- C:\Windows\win.ini
2011-06-07 16:50:49 ----D---- C:\Program Files\Common Files\System
2011-06-07 13:39:42 ----D---- C:\Program Files\Mozilla Firefox
2011-06-07 11:11:18 ----D---- C:\Windows\system32\drivers\etc
2011-06-07 09:16:16 ----D---- C:\Windows\system32\catroot2
2011-06-06 15:32:26 ----D---- C:\Windows\Prefetch
2011-06-03 13:45:23 ----D---- C:\Users\meny\AppData\Roaming\IObit
2011-06-03 13:44:55 ----D---- C:\Program Files\IObit
2011-05-31 16:14:12 ----D---- C:\Program Files\WinRAR
2011-05-31 16:13:50 ----D---- C:\Program Files\RocketDock
2011-05-31 16:13:01 ----D---- C:\Program Files\Seznam.cz
2011-05-28 17:13:23 ----A---- C:\Windows\WorldTimeClock.ini
2011-05-27 10:44:16 ----D---- C:\Users\meny\AppData\Roaming\Media Player Classic
2011-05-26 20:41:24 ----D---- C:\Program Files\Windows Media Player
2011-05-25 08:30:37 ----D---- C:\Windows\system32\catroot
2011-05-24 22:11:33 ----D---- C:\Windows\twain_32
2011-05-24 22:11:33 ----D---- C:\Windows\inf
2011-05-24 22:06:10 ----D---- C:\Windows\system32\DriverStore
2011-05-24 22:05:21 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-21 14:46:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-15 23:59:29 ----D---- C:\Users\meny\AppData\Roaming\Ahead
2011-05-15 10:07:52 ----SD---- C:\Users\meny\AppData\Roaming\Microsoft
2011-05-14 21:29:56 ----D---- C:\Windows\system32\appmgmt
2011-05-13 11:27:54 ----D---- C:\Windows\debug
2011-05-13 00:26:34 ----D---- C:\Windows\Tasks
2011-05-11 16:20:49 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 95694442;95694442 Boot Guard Driver; C:\Windows\system32\DRIVERS\95694442.sys [2009-10-22 37392]
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2011-04-28 42664]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 95694441;95694441; C:\Windows\system32\DRIVERS\95694441.sys [2009-09-25 128016]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys [2008-09-10 66720]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2008-09-10 35552]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2008-09-10 70944]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys [2008-09-10 12384]
R1 setup_9.0.0.722_08.06.2011_12-54drv;setup_9.0.0.722_08.06.2011_12-54drv; C:\Windows\system32\DRIVERS\9569444.sys [2009-10-09 311312]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-04-28 124072]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-01-21 328808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2008-09-10 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2008-09-10 25184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2008-09-10 215648]
R2 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\Common\FSMA32.EXE [2008-09-10 117400]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-29 1021256]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\F-Secure\FSAUA\program\fsaua.exe [2008-09-10 490080]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2008-09-10 510560]
R3 F-Secure Network Request Broker;Služba F-Secure Network Request Broker; C:\Program Files\F-Secure\Common\FNRB32.EXE [2008-09-10 162456]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2008-09-10 55904]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-04-27 435016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-28 1343400]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
CKScanner - Additional Security Risks - These are not necessarily bad
c:\odkazy\ostatní\adobe cs5\návod na crack.txt
c:\odkazy\ostatní\adobe cs5\32bit crack\amtlib.dll
c:\odkazy\ostatní\adobe cs5\64bit crack\amtlib.dll
c:\odkazy\ostatní\adobe cs5\keygen\adobe photoshop cs-5 extended.exe
c:\odkazy\ostatní\adobe cs5\keygen\keygen-readme.txt
c:\program files\mozilla firefox\jdownloader\jdownloader\jdownloader\jd\plugins\hoster\crackedcom.class
c:\program files\mozilla firefox\microsoft-office-2007-full-cz-key-by-majky\off07entcz\licenční klíč\keygen.exe
c:\windows\prefetch\keygen.exe-7c02730b.pf
c:\windows\prefetch\keygen.exe-e097403d.pf
c:\windows\prefetch\office 2010 crack.exe-1b4f8d02.pf
c:\windows\prefetch\office 2010 crack.exe-4e312deb.pf
c:\windows\prefetch\office 2010 crack.exe-c11e4fd6.pf
hosts 127.0.0.1 activate.adobe.com
hosts 127.0.0.1 practivate.adobe.com
hosts 127.0.0.1 ereg.adobe.com
hosts 127.0.0.1 activate.wip3.adobe.com
hosts 127.0.0.1 wip3.adobe.com
hosts 127.0.0.1 3dns-3.adobe.com
hosts 127.0.0.1 3dns-2.adobe.com
hosts 127.0.0.1 adobe-dns.adobe.com
hosts 127.0.0.1 adobe-dns-2.adobe.com
hosts 127.0.0.1 adobe-dns-3.adobe.com
hosts 127.0.0.1 ereg.wip3.adobe.com
hosts 127.0.0.1 activate-sea.adobe.com
hosts 127.0.0.1 wwis-dubc1-vip60.adobe.com
hosts 127.0.0.1 activate-sjc0.adobe.com
scanner sequence 3.ZZ.11
----- EOF -----
Hello, I have the Kaspersky online scanner running, so maybe that's it. I uninstalled Glary and the toolbars; I don't know about Office.
I bought the PC through a classified ad and some programs were already on it. I only know the basics and struggle with the rest.
File name: 95694442.sys
Submission date: 2011-06-08 11:26:28 (UTC)
Current status: finished
Result: 0/ 42 (0.0%)
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: 95694441.sys
Submission date: 2011-06-08 11:34:06 (UTC)
Current status: finished
Result: 0/ 42 (0.0%)
user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: 9569444.sys
Submission date: 2011-06-08 11:36:42 (UTC)
Current status: finished
Result: 0/ 42 (0.0%)
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2011-01-19 1175152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2008-09-10 182936]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2008-09-10 1182304]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-01-19 489584]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Advanced SystemCare 4"=C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [2011-05-28 412560]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-05-14 399736]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-02-22 26101032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
C:\Users\meny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
setup_9.0.0.722_08.06.2011_12-54.lnk - C:\Users\meny\Desktop\Virus Removal Tool\setup_9.0.0.722_08.06.2011_12-54\startup.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-06-08 12:58:09 ----D---- C:\Program Files\trend micro
2011-06-08 12:58:07 ----D---- C:\rsit
2011-06-08 12:12:17 ----D---- C:\ProgramData\Kaspersky Lab
2011-06-08 12:09:36 ----A---- C:\Windows\system32\drivers\95694442.sys
2011-06-08 12:09:36 ----A---- C:\Windows\system32\drivers\95694441.sys
2011-06-08 12:09:36 ----A---- C:\Windows\system32\drivers\9569444.sys
2011-06-08 09:57:45 ----D---- C:\Program Files\Common Files\Skype
2011-06-08 09:57:44 ----RD---- C:\Program Files\Skype
2011-06-07 17:20:38 ----D---- C:\ProgramData\AutoKMS
2011-06-07 17:18:23 ----A---- C:\Windows\AutoKMS.exe
2011-06-07 16:54:02 ----D---- C:\Program Files\Microsoft Synchronization Services
2011-06-07 16:53:57 ----D---- C:\Program Files\Common Files\DESIGNER
2011-06-07 16:53:05 ----D---- C:\Windows\PCHEALTH
2011-06-07 16:53:05 ----D---- C:\Program Files\Microsoft Sync Framework
2011-06-07 16:53:05 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2011-06-07 16:51:40 ----D---- C:\Program Files\Microsoft Visual Studio 8
2011-06-07 16:50:15 ----D---- C:\Program Files\Microsoft Analysis Services
2011-06-07 16:48:07 ----RHD---- C:\MSOCache
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGACheckControl.dll.bak
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGACheckControl.dll
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGAAddin.dll.bak
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGAAddin.dll
2011-06-04 18:44:58 ----D---- C:\Program Files\PhotoFiltre
2011-06-02 16:49:59 ----D---- C:\Program Files\Movie Maker 2.6
2011-05-31 16:15:09 ----D---- C:\Program Files\Reference Assemblies
2011-05-31 14:44:40 ----D---- C:\ProgramData\NCH Software
2011-05-31 14:44:13 ----D---- C:\Program Files\NCH Software
2011-05-31 14:42:19 ----D---- C:\Users\meny\AppData\Roaming\NCH Software
2011-05-31 10:54:29 ----D---- C:\Program Files\CrystalDiskInfo
2011-05-25 22:23:13 ----D---- C:\Program Files\Microsoft Silverlight
2011-05-25 08:31:08 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-24 22:05:38 ----A---- C:\Windows\amcap.exe
2011-05-24 09:02:16 ----A---- C:\Windows\system32\poqexec.exe
2011-05-21 17:40:00 ----D---- C:\Users\meny\AppData\Roaming\IDM
2011-05-21 17:39:58 ----D---- C:\Users\meny\AppData\Roaming\DMCache
2011-05-21 17:39:46 ----D---- C:\Program Files\Internet Download Manager
2011-05-18 23:44:33 ----RASH---- C:\MSDOS.SYS
2011-05-18 23:44:33 ----RASH---- C:\IO.SYS
2011-05-16 20:14:12 ----D---- C:\Users\meny\AppData\Roaming\VitySoft
2011-05-14 19:36:18 ----D---- C:\Program Files\uTorrentBar
2011-05-14 19:35:58 ----D---- C:\Program Files\uTorrent
2011-05-14 19:32:53 ----D---- C:\Users\meny\AppData\Roaming\uTorrent
2011-05-13 00:26:22 ----D---- C:\Program Files\Glary Utilities
2011-05-12 17:34:04 ----D---- C:\Program Files\TeamViewer
2011-05-12 16:42:18 ----D---- C:\Users\meny\AppData\Roaming\GlarySoft
2011-05-11 09:41:39 ----D---- C:\Users\meny\AppData\Roaming\Opera
2011-05-11 09:41:35 ----D---- C:\Program Files\Opera
2011-05-11 09:07:12 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-11 09:07:11 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-11 09:07:11 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-11 09:07:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-05-11 09:06:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-09 18:43:02 ----D---- C:\Users\meny\AppData\Roaming\Ashampoo
2011-05-09 18:41:47 ----D---- C:\ProgramData\ashampoo
2011-05-09 18:41:28 ----D---- C:\Program Files\Ashampoo
======List of files/folders modified in the last 1 months======
2011-06-08 12:58:14 ----D---- C:\Windows\Temp
2011-06-08 12:58:09 ----RD---- C:\Program Files
2011-06-08 12:57:55 ----D---- C:\Users\meny\AppData\Roaming\Skype
2011-06-08 12:12:23 ----SHD---- C:\System Volume Information
2011-06-08 12:12:17 ----HD---- C:\ProgramData
2011-06-08 12:09:44 ----D---- C:\Windows\system32\drivers
2011-06-08 11:03:33 ----D---- C:\Program Files\F-Secure
2011-06-08 09:57:51 ----SHD---- C:\Windows\Installer
2011-06-08 09:57:50 ----D---- C:\Windows\system32\Tasks
2011-06-08 09:57:45 ----D---- C:\Program Files\Common Files
2011-06-08 09:57:43 ----D---- C:\ProgramData\Skype
2011-06-08 09:23:24 ----D---- C:\Windows\system32\config
2011-06-08 09:13:09 ----D---- C:\ProgramData\Microsoft Help
2011-06-08 09:06:44 ----D---- C:\Users\meny\AppData\Roaming\skypePM
2011-06-07 17:51:55 ----D---- C:\Windows\Microsoft.NET
2011-06-07 17:28:07 ----D---- C:\Windows
2011-06-07 17:26:10 ----SD---- C:\ProgramData\Microsoft
2011-06-07 17:19:56 ----D---- C:\Program Files\Microsoft Office
2011-06-07 17:07:17 ----RSD---- C:\Windows\assembly
2011-06-07 17:00:11 ----D---- C:\Windows\winsxs
2011-06-07 16:55:35 ----D---- C:\Windows\System32
2011-06-07 16:55:28 ----RSD---- C:\Windows\Fonts
2011-06-07 16:55:16 ----D---- C:\Windows\ShellNew
2011-06-07 16:55:13 ----D---- C:\Program Files\Common Files\microsoft shared
2011-06-07 16:54:54 ----D---- C:\Program Files\MSBuild
2011-06-07 16:53:05 ----D---- C:\Program Files\Microsoft.NET
2011-06-07 16:50:59 ----A---- C:\Windows\win.ini
2011-06-07 16:50:49 ----D---- C:\Program Files\Common Files\System
2011-06-07 13:39:42 ----D---- C:\Program Files\Mozilla Firefox
2011-06-07 11:11:18 ----D---- C:\Windows\system32\drivers\etc
2011-06-07 09:16:16 ----D---- C:\Windows\system32\catroot2
2011-06-06 15:32:26 ----D---- C:\Windows\Prefetch
2011-06-03 13:45:23 ----D---- C:\Users\meny\AppData\Roaming\IObit
2011-06-03 13:44:55 ----D---- C:\Program Files\IObit
2011-05-31 16:14:12 ----D---- C:\Program Files\WinRAR
2011-05-31 16:13:50 ----D---- C:\Program Files\RocketDock
2011-05-31 16:13:01 ----D---- C:\Program Files\Seznam.cz
2011-05-28 17:13:23 ----A---- C:\Windows\WorldTimeClock.ini
2011-05-27 10:44:16 ----D---- C:\Users\meny\AppData\Roaming\Media Player Classic
2011-05-26 20:41:24 ----D---- C:\Program Files\Windows Media Player
2011-05-25 08:30:37 ----D---- C:\Windows\system32\catroot
2011-05-24 22:11:33 ----D---- C:\Windows\twain_32
2011-05-24 22:11:33 ----D---- C:\Windows\inf
2011-05-24 22:06:10 ----D---- C:\Windows\system32\DriverStore
2011-05-24 22:05:21 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-21 14:46:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-15 23:59:29 ----D---- C:\Users\meny\AppData\Roaming\Ahead
2011-05-15 10:07:52 ----SD---- C:\Users\meny\AppData\Roaming\Microsoft
2011-05-14 21:29:56 ----D---- C:\Windows\system32\appmgmt
2011-05-13 11:27:54 ----D---- C:\Windows\debug
2011-05-13 00:26:34 ----D---- C:\Windows\Tasks
2011-05-11 16:20:49 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 95694442;95694442 Boot Guard Driver; C:\Windows\system32\DRIVERS\95694442.sys [2009-10-22 37392]
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2011-04-28 42664]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 95694441;95694441; C:\Windows\system32\DRIVERS\95694441.sys [2009-09-25 128016]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys [2008-09-10 66720]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2008-09-10 35552]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2008-09-10 70944]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys [2008-09-10 12384]
R1 setup_9.0.0.722_08.06.2011_12-54drv;setup_9.0.0.722_08.06.2011_12-54drv; C:\Windows\system32\DRIVERS\9569444.sys [2009-10-09 311312]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-04-28 124072]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-01-21 328808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2008-09-10 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2008-09-10 25184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2008-09-10 215648]
R2 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\Common\FSMA32.EXE [2008-09-10 117400]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-29 1021256]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\F-Secure\FSAUA\program\fsaua.exe [2008-09-10 490080]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2008-09-10 510560]
R3 F-Secure Network Request Broker;Služba F-Secure Network Request Broker; C:\Program Files\F-Secure\Common\FNRB32.EXE [2008-09-10 162456]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2008-09-10 55904]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-04-27 435016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-28 1343400]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
CKScanner - Additional Security Risks - These are not necessarily bad
c:\odkazy\ostatní\adobe cs5\návod na crack.txt
c:\odkazy\ostatní\adobe cs5\32bit crack\amtlib.dll
c:\odkazy\ostatní\adobe cs5\64bit crack\amtlib.dll
c:\odkazy\ostatní\adobe cs5\keygen\adobe photoshop cs-5 extended.exe
c:\odkazy\ostatní\adobe cs5\keygen\keygen-readme.txt
c:\program files\mozilla firefox\jdownloader\jdownloader\jdownloader\jd\plugins\hoster\crackedcom.class
c:\program files\mozilla firefox\microsoft-office-2007-full-cz-key-by-majky\off07entcz\licenční klíč\keygen.exe
c:\windows\prefetch\keygen.exe-7c02730b.pf
c:\windows\prefetch\keygen.exe-e097403d.pf
c:\windows\prefetch\office 2010 crack.exe-1b4f8d02.pf
c:\windows\prefetch\office 2010 crack.exe-4e312deb.pf
c:\windows\prefetch\office 2010 crack.exe-c11e4fd6.pf
hosts 127.0.0.1 activate.adobe.com
hosts 127.0.0.1 practivate.adobe.com
hosts 127.0.0.1 ereg.adobe.com
hosts 127.0.0.1 activate.wip3.adobe.com
hosts 127.0.0.1 wip3.adobe.com
hosts 127.0.0.1 3dns-3.adobe.com
hosts 127.0.0.1 3dns-2.adobe.com
hosts 127.0.0.1 adobe-dns.adobe.com
hosts 127.0.0.1 adobe-dns-2.adobe.com
hosts 127.0.0.1 adobe-dns-3.adobe.com
hosts 127.0.0.1 ereg.wip3.adobe.com
hosts 127.0.0.1 activate-sea.adobe.com
hosts 127.0.0.1 wwis-dubc1-vip60.adobe.com
hosts 127.0.0.1 activate-sjc0.adobe.com
scanner sequence 3.ZZ.11
----- EOF -----
Hello, I have the Kaspersky online scanner running, so maybe that's it. I uninstalled Glary and the toolbars; I don't know about Office.


- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: Request for a preventive log check

What you posted is log.txt... go to the C:\RSIT\ folder and post the contents of the info.txt file.

Re: Request for a preventive log check
info.txt logfile of random's system information tool 1.08 2011-06-08 12:58:47
======Uninstall list======
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS2"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ORSP Client"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Pegasus Engine"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Policy Manager Support"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10q_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader 9.4.4 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A94000000001}
Advanced SystemCare 4-->"C:\Program Files\IObit\Advanced SystemCare 4\unins000.exe"
Aktualizace NVIDIA 1.1.34-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Update
Aktualizace pro Microsoft Outlook Social Connector (KB2441641)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{06C62E6B-B559-416A-9954-07C67F50F84A}" "1029" "0"
Ashampoo Burning Studio 6 FREE v.6.80-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
aTube Catcher-->C:\Program Files\DsNET Corp\aTube Catcher 2.0\uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CrystalDiskInfo 4.0.1-->"C:\Program Files\CrystalDiskInfo\unins000.exe"
Debut Video Capture Software-->C:\Program Files\NCH Software\Debut\uninst.exe
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{2FD3FD50-4D6B-433B-9AB8-83F04675DA44}" "1029" "0"
EVEREST Ultimate Edition v4.60-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FormatFactory 2.60-->C:\Program Files\FreeTime\FormatFactory\uninst.exe
F-Secure Client Security – Kontrola e-mailů-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
F-Secure Client Security – Kontrola přenosu na webu-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
F-Secure Client Security - Ochrana Internetu-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
F-Secure Client Security - Ochrana proti virům a spywaru-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
F-Secure Client Security - Ochrana systému-->"C:\Program Files\F-Secure\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
Glary Utilities 2.33.0.1158-->"C:\Program Files\Glary Utilities\unins000.exe"
Java(TM) 6 Update 25-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216025FF}
K-Lite Mega Codec Pack 5.6.1-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Mozilla Firefox 4.0.1 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 7 Ultra Edition-->MsiExec.exe /X{98EFD8F0-08DE-48DB-B922-A2EBAB711029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA 3D Vision Controller Driver 270.61-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA 3D Vision Controller Driver-->"C:\Program Files\InstallShield Installation Information\{714B9C6C-70FC-4750-98E2-61520B906C45}\setup.exe" -runfromtemp -l0x0009 -removeonly
NVIDIA Ovladače grafiky 270.61-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
Opera 11.11-->"C:\Program Files\Opera\Opera.exe" /uninstall
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft Excel 2010 (KB2466146)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{4D3B2D30-46D3-4DC0-BA73-85306B10E0AE}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2289078)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{1D1A4F08-2F17-475B-BA72-476CE5992FEE}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2289161)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F134C2C6-30B3-4169-A325-58482B4CE6FC}" "1029" "0"
Security Update for Microsoft PowerPoint 2010 (KB2519975)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{45D7C5CD-B967-44AF-9DAB-E5C8545558AD}" "1029" "0"
Security Update for Microsoft Publisher 2010 (KB2409055)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{C3C277D5-36E3-4B1A-926A-175B2BC019CF}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2345000)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}" "1029" "0"
Seznam Pošťák (Všichni uživatelé tohoto počítače.)-->"C:\Program Files\Seznam.cz\postak-uninstall.exe" /AllUsers
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
TeamViewer 6-->C:\Program Files\TeamViewer\Version6\uninstall.exe
TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{556146F7-74AE-4E0A-B64F-5B8B93469F61}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B5516874-E926-4BFD-B412-D0E70112F244}" "1029" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{D6CE7280-6EE3-419A-8F47-DB111C040B1B}" "1029" "0"
Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2493983)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{309EEC22-83CE-4109-B019-BA9392FAA322}" "1029" "0"
Update for Microsoft Outlook Social Connector (KB2441641)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A10DC2B7-6FDA-4C17-9DF0-6A834CAC4306}" "1029" "0"
uTorrentBar Toolbar-->C:\PROGRA~1\UTORRE~1\UNWISE.EXE /U C:\PROGRA~1\UTORRE~1\INSTALL.LOG
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Movie Maker 2.6-->MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
======Hosts File======
127.0.0.1 localhost
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com
127.0.0.1 genuine.microsoft.com
127.0.0.1 wat.microsoft.com
127.0.0.1 mpa.microsoft.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
======System event log======
Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Distributed Link Tracking Client byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:
Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Security Center byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:
Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Desktop Window Manager Session Manager byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:
Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Diagnostic Policy Service byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:
Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Microsoft Software Shadow Copy Provider byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: 37L4247D28-05
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDriverNotFound
Reakce: Není k dispozici
ID souboru CAB: 0
Podpis problému:
P1: x86
P2: ACPI\ATK0110
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:
Připojené soubory:
C:\Windows\Temp\DMI8545.tmp.log.xml
Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_93856eefc23cb6f60c4f9525ca72dec1a9d7155_cab_0666865e
Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 1fb34823-710e-11e0-932a-ac049c5d64a4
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20110427203710.000000-000
Event Type: Informace
User:
Computer Name: 37L4247D28-05
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20110427203543.000000-000
Event Type: Informace
User:
Computer Name: 37L4247D28-05
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20110427203539.000000-000
Event Type: Informace
User:
Computer Name: 37L4247D28-05
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110427203534.563082-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: 37L4247D28-05
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20110427203534.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: 37L4247D28-05
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin
Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -
Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110427203505.890163-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247D28-05
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin
Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -
Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110427203505.890163-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247D28-05
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.
Počet prvků: 0
ID zásady: 0x234c3
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110427203505.500162-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247D28-05
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 0
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x4
Název procesu:
Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110427203503.035351-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247D28-05
Event Code: 4608
Message: Spouští se systém Windows.
Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110427203502.910551-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=1
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 95 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=5f03
-----------------EOF-----------------
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: Request for a preventive log check





- Run the file OTM.exe (if you have Windows Vista or Windows 7, right-click the file and choose "Run as administrator")
- The OTM program starts; paste the following script into the left window "Paste Instructions for Items to be Moved" and press the MoveIt button
Code:
:files
C:\ProgramData\AutoKMS
C:\Windows\AutoKMS.exe
AutoKMS.* /s
C:\Users\meny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_08.06.2011_12-54.lnk
C:\Program Files\uTorrentBar\
C:\Windows\tasks\GlaryInitialize.job
c:\odkazy\ostatní\adobe cs5\
c:\program files\mozilla firefox\microsoft-office-2007-full-cz-key-by-majky\
keygen.exe /s
office 2010 crack.exe /s

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=-
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"AdobeAAMUpdater-1.0"=-
"SwitchBoard"=-
"AdobeCS5ServiceManager"=-
"BCSSync"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

:services
NBService
gusvc

:commands
[emtytemp]
[resethosts]
- After the PC restarts, the OTM log will appear; please paste it here for me.
Write to me: chodnik74@gmail.com or
Read the procedure several times to be safe, and if anything is unclear or you have any doubts, ask.
If your computer is infected or is not behaving as usual, back up all your data and carefully follow the advisor's instructions!
Do not use the Combofix utility without an advisor's supervision and recommendation!
Are you satisfied with our help?
Do not hesitate to support the forum HERE.
Forum rules: No. 1 and No. 2

Re: Request for a preventive log check
Hello, I have uninstalled both Office and Advanced Care. Is it necessary to uninstall TuneUp as well? I bought the PC with this program already on it and I don't have the installation CD.
Once this program's licence expires and my pension gets raised, I would get it again.

- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: Request for a preventive log check
All right then.
Keep TuneUp.
Run OTM and paste the resulting log for me,
then we will continue.





Re: Request for a preventive log check
========== FILES ==========
Folder move failed. C:\ProgramData\AutoKMS scheduled to be moved on reboot.
File move failed. C:\Windows\AutoKMS.exe scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\KMSKG scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\StartX scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\MSGBox scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\LicenseManagement scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\KMSKG scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\ProgramData\AutoKMS scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\Users\All Users\AutoKMS scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\Users\meny\AppData\Local\Temp\RarSFX0\Resources\AutoKMS scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_143530\_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_143530\_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_143530\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_143530\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS scheduled to be moved on reboot.
Folder move failed. \ProgramData\AutoKMS scheduled to be moved on reboot.
File move failed. \ProgramData\AutoKMS\AutoKMS.cmd scheduled to be moved on reboot.
Folder move failed. \Users\All Users\AutoKMS scheduled to be moved on reboot.
File move failed. \Users\All Users\AutoKMS\AutoKMS.cmd scheduled to be moved on reboot.
Folder move failed. \Users\meny\AppData\Local\Temp\RarSFX0\Resources\AutoKMS scheduled to be moved on reboot.
File move failed. \Users\meny\AppData\Local\Temp\RarSFX0\Resources\AutoKMS\AutoKMS.exe scheduled to be moved on reboot.
File move failed. \Users\meny\AppData\Local\Temp\RarSFX0\Resources\AutoKMS\AutoKMS.xml scheduled to be moved on reboot.
File move failed. \Windows\AutoKMS.exe scheduled to be moved on reboot.
File move failed. \Windows\AutoKMS.log scheduled to be moved on reboot.
File move failed. \Windows\System32\Tasks\AutoKMS scheduled to be moved on reboot.
File/Folder C:\Users\meny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_08.06.2011_12-54.lnk not found.
Folder C:\Program Files\uTorrentBar not found.
File/Folder C:\Windows\tasks\GlaryInitialize.job not found.
Folder c:\odkazy\ostatní\adobe cs5 not found.
Folder c:\program files\mozilla firefox\microsoft-office-2007-full-cz-key-by-majky not found.
File move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\KMSKG\Keygen.exe scheduled to be moved on reboot.
File move failed. \Users\meny\AppData\Local\Temp\7ZipSfx.000\Pack\Keygen\Keygen.exe scheduled to be moved on reboot.
File move failed. \Users\meny\AppData\Local\Temp\7ZipSfx.002\Pack\Keygen\Keygen.exe scheduled to be moved on reboot.
File move failed. \Users\meny\AppData\Local\Temp\KMSAct\Pack\Keygen\Keygen.exe scheduled to be moved on reboot.
File/Folder office 2010 crack.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
========== SERVICES/DRIVERS ==========
Error: No service named NBService was found to stop!
Service\Driver key NBService not found.
Error: No service named gusvc was found to stop!
Service\Driver key gusvc not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTM by OldTimer - Version 3.1.18.0 log created on 06092011_143530
Files moved on Reboot...
C:\ProgramData\AutoKMS folder moved successfully.
File C:\Windows\AutoKMS.exe not found!
Folder move failed. \_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\KMSKG scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\KMSKG scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\KMSKG scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\StartX scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\MSGBox scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\LicenseManagement scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\KMSKG scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\StartX scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\MSGBox scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\LicenseManagement scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\KMSKG scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\StartX scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\MSGBox scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\LicenseManagement scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\KMSKG scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\ProgramData\AutoKMS scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\Users\All Users\AutoKMS scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_141418\Users\meny\AppData\Local\Temp\RarSFX0\Resources\AutoKMS scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_143530\_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_143530\_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_143530\_OTM\MovedFiles\06092011_141418\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_143530\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\KMSKG scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_143530\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_143530\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\KMSKG scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_143530\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources scheduled to be moved on reboot.
Folder move failed. \_OTM\MovedFiles\06092011_143530\_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS scheduled to be moved on reboot.
File \ProgramData\AutoKMS not found!
File \ProgramData\AutoKMS\AutoKMS.cmd not found!
File \Users\All Users\AutoKMS not found!
File \Users\All Users\AutoKMS\AutoKMS.cmd not found!
Folder move failed. \Users\meny\AppData\Local\Temp\RarSFX0\Resources\AutoKMS scheduled to be moved on reboot.
File move failed. \Users\meny\AppData\Local\Temp\RarSFX0\Resources\AutoKMS\AutoKMS.exe scheduled to be moved on reboot.
File move failed. \Users\meny\AppData\Local\Temp\RarSFX0\Resources\AutoKMS\AutoKMS.xml scheduled to be moved on reboot.
File \Windows\AutoKMS.exe not found!
File move failed. \Windows\AutoKMS.log scheduled to be moved on reboot.
File move failed. \Windows\System32\Tasks\AutoKMS scheduled to be moved on reboot.
File move failed. \_OTM\MovedFiles\06092011_141418\C_ProgramData\AutoKMS\Resources\KMSKG\Keygen.exe scheduled to be moved on reboot.
File move failed. \Users\meny\AppData\Local\Temp\7ZipSfx.000\Pack\Keygen\Keygen.exe scheduled to be moved on reboot.
File move failed. \Users\meny\AppData\Local\Temp\7ZipSfx.002\Pack\Keygen\Keygen.exe scheduled to be moved on reboot.
File move failed. \Users\meny\AppData\Local\Temp\KMSAct\Pack\Keygen\Keygen.exe scheduled to be moved on reboot.
Registry entries deleted on Reboot...
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: Request for a preventive log check
I would like to ask for a new RSIT log.

Re: Request for a preventive log check
Logfile of random's system information tool 1.08 (written by random/random)
Run by meny at 2011-06-09 14:53:19
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 68 GB (68%) free of 100 GB
Total RAM: 2047 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:53:28, on 9.6.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\notepad.exe
C:\Program Files\F-Secure\common\FSM32.EXE
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\explorer.exe
C:\Users\meny\Desktop\RSIT.exe
C:\Program Files\trend micro\meny.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-853249028-1450227292-2706819573-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-853249028-1450227292-2706819573-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: Služba F-Secure Network Request Broker (F-Secure Network Request Broker) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 6061 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2011-01-19 1175152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2008-09-10 182936]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2008-09-10 1182304]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-01-19 489584]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-05-14 399736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-06-09 14:53:19 ----D---- C:\rsit
2011-06-09 14:53:19 ----D---- C:\Program Files\trend micro
2011-06-09 14:14:18 ----D---- C:\_OTM
2011-06-09 12:10:24 ----D---- C:\Users\meny\AppData\Roaming\LibreOffice
2011-06-09 12:02:47 ----D---- C:\Program Files\LibreOffice 3
2011-06-08 12:12:17 ----D---- C:\ProgramData\Kaspersky Lab
2011-06-08 09:57:45 ----D---- C:\Program Files\Common Files\Skype
2011-06-08 09:57:44 ----RD---- C:\Program Files\Skype
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGACheckControl.dll.bak
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGACheckControl.dll
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGAAddin.dll.bak
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGAAddin.dll
2011-06-04 18:44:58 ----D---- C:\Program Files\PhotoFiltre
2011-06-02 16:49:59 ----D---- C:\Program Files\Movie Maker 2.6
2011-05-31 16:15:09 ----D---- C:\Program Files\Reference Assemblies
2011-05-31 14:44:40 ----D---- C:\ProgramData\NCH Software
2011-05-31 14:44:13 ----D---- C:\Program Files\NCH Software
2011-05-31 14:42:19 ----D---- C:\Users\meny\AppData\Roaming\NCH Software
2011-05-31 10:54:29 ----D---- C:\Program Files\CrystalDiskInfo
2011-05-25 22:23:13 ----D---- C:\Program Files\Microsoft Silverlight
2011-05-25 08:31:08 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-24 22:05:38 ----A---- C:\Windows\amcap.exe
2011-05-24 09:02:16 ----A---- C:\Windows\system32\poqexec.exe
2011-05-21 17:40:00 ----D---- C:\Users\meny\AppData\Roaming\IDM
2011-05-21 17:39:58 ----D---- C:\Users\meny\AppData\Roaming\DMCache
2011-05-18 23:44:33 ----RASH---- C:\MSDOS.SYS
2011-05-18 23:44:33 ----RASH---- C:\IO.SYS
2011-05-16 20:14:12 ----D---- C:\Users\meny\AppData\Roaming\VitySoft
2011-05-14 19:35:58 ----D---- C:\Program Files\uTorrent
2011-05-14 19:32:53 ----D---- C:\Users\meny\AppData\Roaming\uTorrent
2011-05-12 17:34:04 ----D---- C:\Program Files\TeamViewer
2011-05-12 16:42:18 ----D---- C:\Users\meny\AppData\Roaming\GlarySoft
2011-05-11 09:41:39 ----D---- C:\Users\meny\AppData\Roaming\Opera
2011-05-11 09:41:35 ----D---- C:\Program Files\Opera
2011-05-11 09:07:12 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-11 09:07:11 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-11 09:07:11 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-11 09:07:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-05-11 09:06:58 ----A---- C:\Windows\system32\ntoskrnl.exe
======List of files/folders modified in the last 1 months======
2011-06-09 14:53:23 ----D---- C:\Windows\Temp
2011-06-09 14:53:19 ----RD---- C:\Program Files
2011-06-09 14:50:27 ----D---- C:\Users\meny\AppData\Roaming\Skype
2011-06-09 14:43:00 ----D---- C:\Windows\system32\config
2011-06-09 14:40:19 ----HD---- C:\ProgramData
2011-06-09 14:39:29 ----D---- C:\Windows
2011-06-09 14:38:30 ----D---- C:\Windows\system32\drivers\etc
2011-06-09 14:20:49 ----D---- C:\Users\meny\AppData\Roaming\skypePM
2011-06-09 14:15:52 ----D---- C:\Program Files\Mozilla Firefox
2011-06-09 13:19:15 ----D---- C:\Program Files\F-Secure
2011-06-09 12:12:10 ----D---- C:\Windows\winsxs
2011-06-09 12:10:10 ----SHD---- C:\Windows\Installer
2011-06-09 12:09:15 ----SHD---- C:\System Volume Information
2011-06-09 12:06:28 ----RSD---- C:\Windows\assembly
2011-06-09 12:06:00 ----D---- C:\Windows\ShellNew
2011-06-09 12:03:57 ----RSD---- C:\Windows\Fonts
2011-06-09 12:01:27 ----D---- C:\Program Files\Common Files\microsoft shared
2011-06-09 11:55:06 ----D---- C:\Windows\Microsoft.NET
2011-06-09 11:18:50 ----D---- C:\Windows\system32\wdi
2011-06-09 11:15:28 ----D---- C:\Windows\system32\drivers
2011-06-09 10:39:26 ----D---- C:\ProgramData\Microsoft Help
2011-06-09 10:36:58 ----SD---- C:\ProgramData\Microsoft
2011-06-09 10:36:58 ----D---- C:\Program Files\Microsoft.NET
2011-06-09 10:36:58 ----D---- C:\Program Files\Microsoft Office
2011-06-09 10:33:46 ----D---- C:\Program Files\MSBuild
2011-06-09 10:33:18 ----D---- C:\Windows\System32
2011-06-09 10:33:18 ----D---- C:\Program Files\Common Files
2011-06-09 10:28:46 ----D---- C:\Program Files\Common Files\System
2011-06-09 10:28:42 ----A---- C:\Windows\win.ini
2011-06-08 13:46:03 ----D---- C:\Windows\system32\Tasks
2011-06-08 13:46:01 ----D---- C:\Windows\Tasks
2011-06-08 09:57:43 ----D---- C:\ProgramData\Skype
2011-06-07 09:16:16 ----D---- C:\Windows\system32\catroot2
2011-06-06 15:32:26 ----D---- C:\Windows\Prefetch
2011-06-03 13:45:23 ----D---- C:\Users\meny\AppData\Roaming\IObit
2011-06-03 13:44:55 ----D---- C:\Program Files\IObit
2011-05-31 16:14:12 ----D---- C:\Program Files\WinRAR
2011-05-31 16:13:50 ----D---- C:\Program Files\RocketDock
2011-05-31 16:13:01 ----D---- C:\Program Files\Seznam.cz
2011-05-28 17:13:23 ----A---- C:\Windows\WorldTimeClock.ini
2011-05-27 10:44:16 ----D---- C:\Users\meny\AppData\Roaming\Media Player Classic
2011-05-26 20:41:24 ----D---- C:\Program Files\Windows Media Player
2011-05-25 08:30:37 ----D---- C:\Windows\system32\catroot
2011-05-24 22:11:33 ----D---- C:\Windows\twain_32
2011-05-24 22:11:33 ----D---- C:\Windows\inf
2011-05-24 22:06:10 ----D---- C:\Windows\system32\DriverStore
2011-05-24 22:05:21 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-21 14:46:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-15 23:59:29 ----D---- C:\Users\meny\AppData\Roaming\Ahead
2011-05-15 10:07:52 ----SD---- C:\Users\meny\AppData\Roaming\Microsoft
2011-05-14 21:29:56 ----D---- C:\Windows\system32\appmgmt
2011-05-13 11:27:54 ----D---- C:\Windows\debug
2011-05-11 16:20:49 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2011-04-28 42664]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys [2008-09-10 66720]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2008-09-10 35552]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2008-09-10 70944]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys [2008-09-10 12384]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-04-28 124072]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-01-21 328808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2008-09-10 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2008-09-10 25184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2008-09-10 215648]
R2 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\Common\FSMA32.EXE [2008-09-10 117400]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-29 1021256]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\F-Secure\FSAUA\program\fsaua.exe [2008-09-10 490080]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2008-09-10 510560]
R3 F-Secure Network Request Broker;Služba F-Secure Network Request Broker; C:\Program Files\F-Secure\Common\FNRB32.EXE [2008-09-10 162456]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2008-09-10 55904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-04-27 435016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-28 1343400]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
Run by meny at 2011-06-09 14:53:19
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 68 GB (68%) free of 100 GB
Total RAM: 2047 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:53:28, on 9.6.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\notepad.exe
C:\Program Files\F-Secure\common\FSM32.EXE
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\explorer.exe
C:\Users\meny\Desktop\RSIT.exe
C:\Program Files\trend micro\meny.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-853249028-1450227292-2706819573-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-853249028-1450227292-2706819573-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: Služba F-Secure Network Request Broker (F-Secure Network Request Broker) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 6061 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2011-01-19 1175152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2008-09-10 182936]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2008-09-10 1182304]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-01-19 489584]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-05-14 399736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-06-09 14:53:19 ----D---- C:\rsit
2011-06-09 14:53:19 ----D---- C:\Program Files\trend micro
2011-06-09 14:14:18 ----D---- C:\_OTM
2011-06-09 12:10:24 ----D---- C:\Users\meny\AppData\Roaming\LibreOffice
2011-06-09 12:02:47 ----D---- C:\Program Files\LibreOffice 3
2011-06-08 12:12:17 ----D---- C:\ProgramData\Kaspersky Lab
2011-06-08 09:57:45 ----D---- C:\Program Files\Common Files\Skype
2011-06-08 09:57:44 ----RD---- C:\Program Files\Skype
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGACheckControl.dll.bak
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGACheckControl.dll
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGAAddin.dll.bak
2011-06-06 13:59:20 ----A---- C:\Windows\system32\OGAAddin.dll
2011-06-04 18:44:58 ----D---- C:\Program Files\PhotoFiltre
2011-06-02 16:49:59 ----D---- C:\Program Files\Movie Maker 2.6
2011-05-31 16:15:09 ----D---- C:\Program Files\Reference Assemblies
2011-05-31 14:44:40 ----D---- C:\ProgramData\NCH Software
2011-05-31 14:44:13 ----D---- C:\Program Files\NCH Software
2011-05-31 14:42:19 ----D---- C:\Users\meny\AppData\Roaming\NCH Software
2011-05-31 10:54:29 ----D---- C:\Program Files\CrystalDiskInfo
2011-05-25 22:23:13 ----D---- C:\Program Files\Microsoft Silverlight
2011-05-25 08:31:08 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-24 22:05:38 ----A---- C:\Windows\amcap.exe
2011-05-24 09:02:16 ----A---- C:\Windows\system32\poqexec.exe
2011-05-21 17:40:00 ----D---- C:\Users\meny\AppData\Roaming\IDM
2011-05-21 17:39:58 ----D---- C:\Users\meny\AppData\Roaming\DMCache
2011-05-18 23:44:33 ----RASH---- C:\MSDOS.SYS
2011-05-18 23:44:33 ----RASH---- C:\IO.SYS
2011-05-16 20:14:12 ----D---- C:\Users\meny\AppData\Roaming\VitySoft
2011-05-14 19:35:58 ----D---- C:\Program Files\uTorrent
2011-05-14 19:32:53 ----D---- C:\Users\meny\AppData\Roaming\uTorrent
2011-05-12 17:34:04 ----D---- C:\Program Files\TeamViewer
2011-05-12 16:42:18 ----D---- C:\Users\meny\AppData\Roaming\GlarySoft
2011-05-11 09:41:39 ----D---- C:\Users\meny\AppData\Roaming\Opera
2011-05-11 09:41:35 ----D---- C:\Program Files\Opera
2011-05-11 09:07:12 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-11 09:07:11 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-11 09:07:11 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-11 09:07:10 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-11 09:07:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-05-11 09:06:58 ----A---- C:\Windows\system32\ntoskrnl.exe
======List of files/folders modified in the last 1 months======
2011-06-09 14:53:23 ----D---- C:\Windows\Temp
2011-06-09 14:53:19 ----RD---- C:\Program Files
2011-06-09 14:50:27 ----D---- C:\Users\meny\AppData\Roaming\Skype
2011-06-09 14:43:00 ----D---- C:\Windows\system32\config
2011-06-09 14:40:19 ----HD---- C:\ProgramData
2011-06-09 14:39:29 ----D---- C:\Windows
2011-06-09 14:38:30 ----D---- C:\Windows\system32\drivers\etc
2011-06-09 14:20:49 ----D---- C:\Users\meny\AppData\Roaming\skypePM
2011-06-09 14:15:52 ----D---- C:\Program Files\Mozilla Firefox
2011-06-09 13:19:15 ----D---- C:\Program Files\F-Secure
2011-06-09 12:12:10 ----D---- C:\Windows\winsxs
2011-06-09 12:10:10 ----SHD---- C:\Windows\Installer
2011-06-09 12:09:15 ----SHD---- C:\System Volume Information
2011-06-09 12:06:28 ----RSD---- C:\Windows\assembly
2011-06-09 12:06:00 ----D---- C:\Windows\ShellNew
2011-06-09 12:03:57 ----RSD---- C:\Windows\Fonts
2011-06-09 12:01:27 ----D---- C:\Program Files\Common Files\microsoft shared
2011-06-09 11:55:06 ----D---- C:\Windows\Microsoft.NET
2011-06-09 11:18:50 ----D---- C:\Windows\system32\wdi
2011-06-09 11:15:28 ----D---- C:\Windows\system32\drivers
2011-06-09 10:39:26 ----D---- C:\ProgramData\Microsoft Help
2011-06-09 10:36:58 ----SD---- C:\ProgramData\Microsoft
2011-06-09 10:36:58 ----D---- C:\Program Files\Microsoft.NET
2011-06-09 10:36:58 ----D---- C:\Program Files\Microsoft Office
2011-06-09 10:33:46 ----D---- C:\Program Files\MSBuild
2011-06-09 10:33:18 ----D---- C:\Windows\System32
2011-06-09 10:33:18 ----D---- C:\Program Files\Common Files
2011-06-09 10:28:46 ----D---- C:\Program Files\Common Files\System
2011-06-09 10:28:42 ----A---- C:\Windows\win.ini
2011-06-08 13:46:03 ----D---- C:\Windows\system32\Tasks
2011-06-08 13:46:01 ----D---- C:\Windows\Tasks
2011-06-08 09:57:43 ----D---- C:\ProgramData\Skype
2011-06-07 09:16:16 ----D---- C:\Windows\system32\catroot2
2011-06-06 15:32:26 ----D---- C:\Windows\Prefetch
2011-06-03 13:45:23 ----D---- C:\Users\meny\AppData\Roaming\IObit
2011-06-03 13:44:55 ----D---- C:\Program Files\IObit
2011-05-31 16:14:12 ----D---- C:\Program Files\WinRAR
2011-05-31 16:13:50 ----D---- C:\Program Files\RocketDock
2011-05-31 16:13:01 ----D---- C:\Program Files\Seznam.cz
2011-05-28 17:13:23 ----A---- C:\Windows\WorldTimeClock.ini
2011-05-27 10:44:16 ----D---- C:\Users\meny\AppData\Roaming\Media Player Classic
2011-05-26 20:41:24 ----D---- C:\Program Files\Windows Media Player
2011-05-25 08:30:37 ----D---- C:\Windows\system32\catroot
2011-05-24 22:11:33 ----D---- C:\Windows\twain_32
2011-05-24 22:11:33 ----D---- C:\Windows\inf
2011-05-24 22:06:10 ----D---- C:\Windows\system32\DriverStore
2011-05-24 22:05:21 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-21 14:46:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-15 23:59:29 ----D---- C:\Users\meny\AppData\Roaming\Ahead
2011-05-15 10:07:52 ----SD---- C:\Users\meny\AppData\Roaming\Microsoft
2011-05-14 21:29:56 ----D---- C:\Windows\system32\appmgmt
2011-05-13 11:27:54 ----D---- C:\Windows\debug
2011-05-11 16:20:49 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2011-04-28 42664]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys [2008-09-10 66720]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2008-09-10 35552]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2008-09-10 70944]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys [2008-09-10 12384]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-04-28 124072]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-01-21 328808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2008-09-10 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2008-09-10 25184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2008-09-10 215648]
R2 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\Common\FSMA32.EXE [2008-09-10 117400]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-29 1021256]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 FSAUA;F-Secure Automatic Update Agent; C:\Program Files\F-Secure\FSAUA\program\fsaua.exe [2008-09-10 490080]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2008-09-10 510560]
R3 F-Secure Network Request Broker;Služba F-Secure Network Request Broker; C:\Program Files\F-Secure\Common\FNRB32.EXE [2008-09-10 162456]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2008-09-10 55904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-04-27 435016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-28 1343400]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: Request for a preventive log check


Code:
C:\Program Files\trend micro\meny.exe
- Next, click the Do a system scan only button
- Find and tick the following items:
Code:
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
- Click Fix checked and confirm with the Yes button

- Run it, press CleanUp and confirm with YES
The program will clean up and then restart
After the restart... how is the PC behaving?

Write to me: chodnik74@gmail.com or
Read the procedure through several times, and if anything is unclear or you have any doubts, ask.
If your computer is infected or is not behaving as usual, back up all your data and carefully follow the adviser's instructions!
Do not use the Combofix utility without an adviser's supervision and recommendation!
Are you satisfied with our help?
Don't hesitate to support the forum HERE.
Forum rules: No. 1 and No. 2
Re: Request for a preventive log check
A bit slower after startup, but now it's back to normal

- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: Request for a preventive log check
PC maintenance:
1) Cleaning temporary folders + invalid registry entries
Ccleaner
Defraggler
FileHippo.com Update Checker
1) Cleaning temporary folders + invalid registry entries

- Download and install the program
- Run the program
- CLEANER
Windows: leave everything here as it is (if you use IE, untick its items) and tick the items Start Menu Shortcuts and Desktop Shortcuts
Applications: leave as is, but if you use a browser (Google Chrome, Firefox, Opera...), untick its items
►Press the Analyze button and then Run Cleaner
- REGISTRY
►Press the Scan for Issues button and the program starts looking for invalid registry entries; then choose Fix selected issues
►The program asks whether you want to back up the registry; choose Yes and save the backup somewhere (if anything causes problems after the registry fix, restore the backup by running the saved backup file and confirming Yes), then choose Fix All Selected Issues and Close
►Repeat until the registry shows no problems
- Use the program once every 14 days (depending on how the PC is used; once a week is also possible)


- Download and install the program
- Run the program
- Select the drive (C:, D:... whichever one you use)
- If the Fragmentation column shows more than 5%, click Defrag
- Do this for all drives in use
- Do this once a month


- Download and install the program (during installation, untick the Run at Startup option)
- Run the program
- The program finds the programs installed on the PC and checks for available updates
- A web page then opens listing the applications offered for updating
►X Updates Detected... these are the available updates
►Click the green arrow and download the program, then install its current version
►X Beta Updates Detected... do not download these updates; they are beta versions that are still in development and are unstable
- Do this once every 14 days or once a month
Re: Request for a preventive log check
Thanks, expert



