
Fb virus

AngusCZ
Visitor
Posts: 38
Registered: 25 Jul 2011 12:09

Fb virus

#1 Post by AngusCZ »

Hello, first I want to say thank you that there are still willing people who are able to help and not just laugh at you.
To the point... My brother got fooled by this: http://webfair.cz/threads/2713-Facebook ... FakeAV.LVT
Could you please help me?
RSIT: http://www.edisk.cz/stahni/41167/log.txt_54.31KB.html
Regards, Angus.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Fb virus

#2 Post by vyosek »

Hello, and I wish you a nice day :)

Please paste the log here - split it across several posts if necessary - it also serves as learning material for other colleagues

Re: Fb virus

#3 Post by AngusCZ »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jonas at 2011-07-25 13:17:25
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 19 GB (19%) free of 100 GB
Total RAM: 895 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:17:41, on 25.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\windows\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\windows\update.tray-12-0\svchost.exe
C:\windows\update.tray-7-0\svchost.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\WINDOWS\systemup.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LGScsiCommandService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\update.2\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\sysdriver32.exe
C:\windows\system32\svchost.exe
C:\windows\update.1\svchost.exe
C:\WINDOWS\update.2\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\services32.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Jonas\Plocha\RSIT.exe
C:\Program Files\trend micro\Jonas.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2776682
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll (file missing)
R3 - URLSearchHook: (no name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin1.dll
O2 - BHO: (no name) - {3B62CA4B-3794-4A44-88D8-2AEE76E79727} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {45D62B9F-37D5-4A13-8540-81ED1EE7BE46} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: MyAshampoo - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll
O2 - BHO: AVG Security Toolbar BHO - {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {eee6c35c-6118-11dc-9c72-001320c79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll (file missing)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin1.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [wxpdrv] C:\windows\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\windows\update.tray-12-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico1] C:\windows\update.tray-7-0\svchost.exe
O4 - HKLM\..\Run: [8375444.exe] "C:\DOCUME~1\Jonas\LOCALS~1\Temp\8375444.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [6084484.exe] "C:\WINDOWS\TEMP\6084484.exe"
O4 - HKLM\..\Run: [8494407.exe] "C:\WINDOWS\TEMP\8494407.exe"
O4 - HKLM\..\Run: [257215.exe] "C:\WINDOWS\TEMP\257215.exe"
O4 - HKLM\..\Run: [72516206-loader2.exe] "C:\WINDOWS\TEMP\72516206-loader2.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\WINDOWS\l1rezerv.exe"
O4 - HKLM\..\Run: [systemup] "C:\WINDOWS\systemup.exe" stand
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll (file missing)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O20 - Winlogon Notify: crypt - crypts.dll (file missing)
O20 - Winlogon Notify: cryptnet32 - cryptnet32.dll (file missing)
O20 - Winlogon Notify: urqpnljj - urqpnljj.dll (file missing)
O20 - Winlogon Notify: windmv32 - windmv32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service aawserviceACDaemon (aawserviceACDaemon) - Unknown owner - C:\WINDOWS\system32\wpv041238668558.exe (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG Free8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) (BITS) - Unknown owner - C:\windows\
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate1ca7b204bb05e20) (gupdate1ca7b204bb05e20) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LG SCSI command service (LGScsiCommandService) - Mobile Leader Co.,Ltd. - C:\WINDOWS\system32\LGScsiCommandService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\windows\system32\sfrem01.exe
O23 - Service: srvbtcclient - Unknown owner - C:\WINDOWS\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\WINDOWS\sysdriver32.exe
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\windows\
O23 - Service: wxpdrivers - Unknown owner - C:\windows\update.1\svchost.exe

Re: Fb virus

#4 Post by AngusCZ »

--
End of file - 14793 bytes

======Scheduled tasks folder======

C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\Install_NSS.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT27766 ... hSource=13"
prefs.js - "extensions.enabledItems" - "{3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429, avg@igeared:6.010.006.004, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1, jqs@sun.com:1.0, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0, engine@conduit.com:3.3.3.2, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2, DTToolbar@toolbarnet.com:1.1.2.0185, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.3.3.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

"{3f963a5b-e555-4543-90e2-c3908898db71}"=C:\Program Files\AVG\AVG8\Firefox
"avg@igeared"=C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=c:\program files\real\realplayer\browserrecord\firefox\ext
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}"=C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/wpf,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsjsrealplayerplugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{B13721C7-F507-4982-B2E5-502A71474FED}
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\
DTToolbar@toolbarnet.com
{51a86bb3-6602-4c85-92a5-130ee4864f13}
{800b5000-a755-47e1-992b-48a1c1357f07}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\
conduit.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-33.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
sweetim.xml
winamp-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049c3e9-b461-4bc5-8870-4c09146192ca}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2009-12-12 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin1.dll [2011-03-20 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3B62CA4B-3794-4A44-88D8-2AEE76E79727}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45D62B9F-37D5-4A13-8540-81ED1EE7BE46}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\prxtbMyA0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-29 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-29 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTo1.dll [2011-03-20 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eee6c35c-6118-11dc-9c72-001320c79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll [2010-11-21 1054520]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll []
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-29 297648]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTo1.dll [2011-03-20 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin1.dll [2011-03-20 3911776]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\prxtbMyA0.dll [2011-01-17 175912]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2006-08-23 16049664]
"Alcmtr"=C:\windows\ALCMTR.EXE [2006-08-23 69632]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe []
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2006-12-08 241664]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-09-24 421160]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-12-12 198160]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]
"wxpdrv"=C:\windows\services32.exe [2011-07-24 1174016]
"tray_ico"= []
"tray_ico0"=C:\windows\update.tray-12-0\svchost.exe [2011-07-24 1174016]
"tray_ico1"=C:\windows\update.tray-7-0\svchost.exe [2011-07-24 1174016]
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"8375444.exe"=C:\DOCUME~1\Jonas\LOCALS~1\Temp\8375444.exe [2011-07-24 247296]
"sysdriver32.exe"=C:\windows\sysdriver32.exe [2011-07-24 247296]
"sysdriver32_.exe"=C:\windows\sysdriver32_.exe [2011-07-24 247296]
"6084484.exe"=C:\WINDOWS\TEMP\6084484.exe [2011-07-24 247296]
"8494407.exe"=C:\WINDOWS\TEMP\8494407.exe [2011-07-24 247296]
"257215.exe"=C:\WINDOWS\TEMP\257215.exe [2011-07-24 495616]
"72516206-loader2.exe"=C:\WINDOWS\TEMP\72516206-loader2.exe [2011-07-24 247296]
"l1rezerv.exe"=C:\WINDOWS\l1rezerv.exe []
"systemup"=C:\WINDOWS\systemup.exe [2011-07-24 114176]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Steam"=c:\program files\steam\steam.exe [2010-12-30 1242448]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-06 39408]
"ICQ"=C:\Program Files\ICQ7.5\ICQ.exe [2011-06-29 124216]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\windows\system32\Ati2evxx.dll [2009-02-25 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\windows\system32\avgrsstx.dll [2006-11-11 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt]
crypts.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet32]
cryptnet32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqpnljj]
urqpnljj.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\windmv32]
windmv32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{3B62CA4B-3794-4A44-88D8-2AEE76E79727}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\mlJcYqRH

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\63025988.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\63025988.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

AngusCZ
Visitor
Posts: 38
Registered: 25 Jul 2011 12:09

Re: Fb virus

#5 Post by AngusCZ »

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\FlatOut2\FlatOut2.exe"="C:\Program Files\FlatOut2\FlatOut2.exe:*:Disabled:FlatOut2"
"C:\Program Files\FlatOut\flatout.exe"="C:\Program Files\FlatOut\flatout.exe:*:Disabled:flatout"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\TrackMania Sunrise\TmSunrise.exe"="C:\Program Files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"
"C:\Program Files\ABC\Alpine Skiing & Ski Jumping\Alpine Skiing\alpineski.exe"="C:\Program Files\ABC\Alpine Skiing & Ski Jumping\Alpine Skiing\alpineski.exe:*:Enabled:alpineski"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Disabled:hl2"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Games\cs-nonsteam\hl.exe"="C:\Games\cs-nonsteam\hl.exe:*:Enabled:Half-Life Launcher"
"C:\SIERRA\Half-Life\hlds.exe"="C:\SIERRA\Half-Life\hlds.exe:*:Enabled:hlds"
"C:\SIERRA\Half-Life\valve\cs-nonsteam\hl.exe"="C:\SIERRA\Half-Life\valve\cs-nonsteam\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Counter-strike\hl.exe"="C:\Program Files\Counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\JoWooD\King\king.exe"="C:\Program Files\JoWooD\King\king.exe:*:Enabled:king"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Counter Strike Source\hl2.exe"="C:\Program Files\Counter Strike Source\hl2.exe:*:Disabled:hl2"
"C:\Program Files\Counter Strike Source\srcds.exe"="C:\Program Files\Counter Strike Source\srcds.exe:*:Enabled:srcds"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\1C\UAZ Racing 4x4\uaz4x4.exe"="C:\Program Files\1C\UAZ Racing 4x4\uaz4x4.exe:*:Enabled:UAZ 4x4"
"C:\WINDOWS\system32\winver.exe"="C:\WINDOWS\system32\winver.exe:*:Enabled:winver"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Steam\steamapps\jonas66940\race on - demo\RaceOn_Demo_Steam.exe"="C:\Program Files\Steam\steamapps\jonas66940\race on - demo\RaceOn_Demo_Steam.exe:*:Enabled:RACE On - DEMO"
"C:\Program Files\Steam\steamapps\jonas66940\race on - demo\Config.exe"="C:\Program Files\Steam\steamapps\jonas66940\race on - demo\Config.exe:*:Enabled:RACE On - DEMO"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Techland\Call of Juarez\CoJ.exe"="C:\Program Files\Techland\Call of Juarez\CoJ.exe:*:Enabled:The Call of Juarez"
"D:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe"="D:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited"
"D:\Program Files\Counter Strike Source\hl2.exe"="D:\Program Files\Counter Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Day of Defeat\hl2.exe"="D:\Program Files\Day of Defeat\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\jonas66940\zombie panic! source\hl2.exe"="C:\Program Files\Steam\steamapps\jonas66940\zombie panic! source\hl2.exe:*:Enabled:Zombie Panic Source"
"C:\Program Files\Steam\steamapps\jonas66940\zombie panic! source dedicated server\srcds.exe"="C:\Program Files\Steam\steamapps\jonas66940\zombie panic! source dedicated server\srcds.exe:*:Enabled:Zombie Panic Source Dedicated Server"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Valve\hlds.exe"="C:\Program Files\Valve\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\Counter-Strike Xtreme V5\hl.exe"="C:\Program Files\Counter-Strike Xtreme V5\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\half-life 2\hl2.exe"="C:\Program Files\Valve\half-life 2\hl2.exe:*:Enabled:HL2_1"
"C:\Program Files\Valve\half-life 2 episode one\hl2.exe"="C:\Program Files\Valve\half-life 2 episode one\hl2.exe:*:Enabled:HL2_2"
"C:\Program Files\Valve\half-life 2 episode two\hl2.exe"="C:\Program Files\Valve\half-life 2 episode two\hl2.exe:*:Enabled:HL2_3"
"C:\Program Files\Counter-Strike Source\Counter Strike Source 2010\hl2.exe"="C:\Program Files\Counter-Strike Source\Counter Strike Source 2010\hl2.exe:*:Enabled:hl2"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*:Enabled:Combat Arms"
"C:\Program Files\Steam\steamapps\anguscz\zombie panic! source\hl2.exe"="C:\Program Files\Steam\steamapps\anguscz\zombie panic! source\hl2.exe:*:Enabled:hl2"
"C:\SIERRA\Half-Life\hl.exe"="C:\SIERRA\Half-Life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\Jonas\Dokumenty\Downloads\Flash-Player.exe"="C:\Documents and Settings\Jonas\Dokumenty\Downloads\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Jonas\Dokumenty\Downloads\Flash-Player.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\windows\update.1\svchost.exe:*:Enabled:C:\windows\update.1\svchost.exe"
"C:\WINDOWS\services32.exe"="C:\WINDOWS\services32.exe:*:Enabled:C:\WINDOWS\services32.exe"
"C:\WINDOWS\update.tray-12-0\svchost.exe"="C:\WINDOWS\update.tray-12-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-12-0\svchost.exe"
"C:\WINDOWS\update.2\svchost.exe"="C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe"
"C:\WINDOWS\update.tray-7-0-lnk\svchost.exe"="C:\WINDOWS\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0-lnk\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=iyvu9_32.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.WMV3"=wmv9vcm.dll
"VIDC.FPS1"=frapsvid.dll

======List of files/folders created in the last 1 month======

2011-07-25 13:17:26 ----D---- C:\Program Files\trend micro
2011-07-25 13:17:25 ----D---- C:\rsit
2011-07-24 17:56:08 ----D---- C:\Valve
2011-07-24 17:16:00 ----D---- C:\Program Files\Guitar and Bass
2011-07-24 17:16:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Guitar and Bass
2011-07-24 16:17:57 ----HD---- C:\windows\update.tray-7-0-lnk
2011-07-24 16:17:57 ----HD---- C:\windows\update.tray-7-0
2011-07-24 16:12:52 ----A---- C:\windows\system32\drivers\aswSP.sys
2011-07-24 16:12:52 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
2011-07-24 16:12:50 ----A---- C:\windows\system32\drivers\aswRdr.sys
2011-07-24 16:12:49 ----A---- C:\windows\system32\drivers\aswTdi.sys
2011-07-24 16:12:49 ----A---- C:\windows\system32\drivers\aswSnx.sys
2011-07-24 16:12:47 ----A---- C:\windows\system32\drivers\aswmon2.sys
2011-07-24 16:12:47 ----A---- C:\windows\system32\drivers\aswmon.sys
2011-07-24 16:12:47 ----A---- C:\windows\system32\drivers\aavmker4.sys
2011-07-24 16:12:07 ----A---- C:\windows\system32\aswBoot.exe
2011-07-24 16:12:07 ----A---- C:\windows\avastSS.scr
2011-07-24 16:04:13 ----D---- C:\windows\rpcminer
2011-07-24 16:04:13 ----D---- C:\windows\phoenix
2011-07-24 16:03:15 ----A---- C:\windows\ddh_iplist.txt
2011-07-24 16:02:33 ----A---- C:\windows\systemup.exe
2011-07-24 16:01:03 ----A---- C:\windows\btc_client_iplist.txt
2011-07-24 16:00:27 ----HD---- C:\windows\update.5.0
2011-07-24 15:58:27 ----A---- C:\windows\iecheck_iplist.txt
2011-07-24 15:58:05 ----HD---- C:\windows\update.2
2011-07-24 15:56:35 ----A---- C:\windows\unrar.exe
2011-07-24 15:54:58 ----A---- C:\windows\iplist.txt
2011-07-24 15:52:56 ----A---- C:\windows\sysdriver32_.exe
2011-07-24 15:52:42 ----A---- C:\windows\sysdriver32.exe
2011-07-24 15:52:12 ----A---- C:\windows\front_ip_list.txt
2011-07-24 15:51:47 ----D---- C:\windows\av_ico
2011-07-24 15:50:13 ----HD---- C:\windows\update.1
2011-07-24 15:49:09 ----HD---- C:\windows\update.tray-12-0-lnk
2011-07-24 15:49:09 ----HD---- C:\windows\update.tray-12-0
2011-07-24 15:35:41 ----A---- C:\windows\winlog-ids.txt
2011-07-24 15:35:41 ----A---- C:\windows\winlog-dirs.txt
2011-07-24 15:35:31 ----A---- C:\windows\services32.exe
2011-07-23 19:31:21 ----D---- C:\Program Files\Valve
2011-07-15 20:46:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2011-07-15 20:46:30 ----D---- C:\Program Files\IObit
2011-07-09 21:15:07 ----D---- C:\Program Files\FlatOut2
2011-07-09 20:15:36 ----D---- C:\Program Files\FlatOut 2 Mod Manager

======List of files/folders modified in the last 1 month======

2011-07-25 13:17:26 ----D---- C:\Program Files
2011-07-25 13:00:10 ----D---- C:\WINDOWS
2011-07-25 12:58:43 ----D---- C:\windows\system32\drivers
2011-07-25 12:53:22 ----D---- C:\Program Files\Steam
2011-07-25 12:31:57 ----D---- C:\windows\system32\CatRoot2
2011-07-25 12:31:46 ----D---- C:\Documents and Settings\Jonas\Data aplikací\Skype
2011-07-25 12:31:21 ----D---- C:\windows\Temp
2011-07-25 12:29:13 ----N---- C:\windows\SchedLgU.Txt
2011-07-25 11:58:09 ----A---- C:\boot.ini
2011-07-24 19:12:05 ----D---- C:\windows\system32
2011-07-24 19:12:04 ----D---- C:\windows\system
2011-07-24 17:49:25 ----D---- C:\Program Files\Counter-Strike 1.6
2011-07-24 16:38:17 ----SHD---- C:\windows\Installer
2011-07-24 16:38:17 ----HD---- C:\Config.Msi
2011-07-24 16:38:15 ----D---- C:\windows\WinSxS
2011-07-24 16:03:54 ----SHD---- C:\System Volume Information
2011-07-24 15:51:20 ----D---- C:\windows\system32\drivers\Avg
2011-07-24 15:14:57 ----D---- C:\windows\system32\config
2011-07-24 12:03:01 ----D---- C:\windows\Prefetch
2011-07-23 21:04:33 ----D---- C:\Documents and Settings\Jonas\Data aplikací\uTorrent
2011-07-18 19:48:32 ----A---- C:\windows\NeroDigital.ini
2011-07-16 19:18:03 ----A---- C:\windows\win.ini
2011-07-13 20:54:26 ----D---- C:\Documents and Settings\Jonas\Data aplikací\Image Zone Express
2011-07-12 17:18:43 ----D---- C:\Documents and Settings\Jonas\Data aplikací\ICQ
2011-07-09 21:13:35 ----D---- C:\windows\system32\DirectX
2011-07-09 21:13:34 ----HD---- C:\windows\inf
2011-07-09 21:13:01 ----RSD---- C:\windows\assembly
2011-07-01 17:58:35 ----D---- C:\Program Files\ICQ7.5
2011-06-28 18:45:36 ----D---- C:\Program Files\JoWooD

AngusCZ
Visitor
Posts: 38
Registered: 25 Jul 2011 12:09

Re: Fb virus

#6 Post by AngusCZ »

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\windows\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\windows\system32\DRIVERS\PxHelp20.sys [2010-06-10 45648]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp01;StarForce Protection Helper Driver; C:\windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\windows\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\windows\system32\drivers\sfsync04.sys [2006-08-11 59776]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\windows\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R1 avgldx86;AVG Free AVI Loader Driver x86; C:\windows\System32\Drivers\avgldx86.sys [2006-11-11 335240]
R1 avgmfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\windows\System32\Drivers\avgmfx86.sys [2006-11-11 27784]
R1 avgtdix;AVG Free8 Network Redirector; C:\windows\System32\Drivers\avgtdix.sys [2009-05-25 108552]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-04 218688]
R1 intelppm;Řadič procesoru Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R3 ati2mtag;ati2mtag; C:\windows\system32\DRIVERS\ati2mtag.sys [2009-02-26 3565568]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 gmoups2;PS2 Scroll Mouse Device; C:\windows\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2006-08-23 4356608]
R3 mouhid;Ovladač myši standardu HID; C:\windows\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\windows\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S1 glaide32;glaide32; \??\C:\WINDOWS\system32\drivers\glaide32.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 gHidPnp;USB Device Enhanced Function Driver; C:\windows\System32\Drivers\gHidPnp.Sys [2006-07-14 14848]
S3 gMouUsb;USB Mouse Device Drv; C:\windows\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984]
S3 hamachi_oem;PlayLinc Adapter; C:\windows\system32\DRIVERS\gan_adapter.sys [2006-08-28 10664]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\windows\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\windows\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\windows\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 LgBttPort;LGE Bluetooth TransPort; C:\windows\system32\DRIVERS\lgbtport.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\windows\system32\DRIVERS\lgbtbus.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\windows\system32\DRIVERS\lgvmodem.sys []
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\windows\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\windows\system32\Ati2evxx.exe [2009-02-25 602112]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-15 153376]
R2 LGScsiCommandService;LG SCSI command service; C:\WINDOWS\system32\LGScsiCommandService.exe [2010-03-05 47616]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-11-11 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-11-12 215016]
R2 srvbtcclient;srvbtcclient; C:\WINDOWS\update.5.0\svchost.exe [2011-07-24 340992]
R2 srviecheck;srviecheck; C:\WINDOWS\update.2\svchost.exe [2011-07-24 495616]
R2 srvsysdriver32;srvsysdriver32; C:\WINDOWS\sysdriver32.exe [2011-07-24 247296]
R2 wxpdrivers;wxpdrivers; C:\windows\update.1\svchost.exe [2011-07-24 1174016]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008]
S2 aawserviceACDaemon;Ad-Aware 2007 Service aawserviceACDaemon; C:\WINDOWS\system32\wpv041238668558.exe run []
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe []
S2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe []
S2 gupdate1ca7b204bb05e20;Služba Google Update (gupdate1ca7b204bb05e20); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-12 133104]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\windows\system32\sfrem01.exe [2006-07-05 358008]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 fontcache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-12 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-25 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S4 nettcpportsharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Fb virus

#7 Post by vyosek »

:arrow: There is a lot in there, so we will use one more, more thorough scanner :wink:

:arrow: Run this on the PC http://download.avg.com/filedir/util/su ... 1_1184.exe - it will wipe out the remnants of the non-working AVG

:arrow: Download OTL (see my signature) and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • If you use a 64-bit OS, check whether the "For 64-bit OS" (Pro 64 bitové OS) box is ticked; if not, tick it
  • Tick the "For all users" (Pro vsechny uzivatele) box
  • Tick the "LOP" malware check (Kontrola na havet "LOP") box
  • Tick the "Purity" malware check (Kontrola na havet "Purity") box
  • Change the file age (Stari souboru) from 30 days to 7 days
  • Paste the script below into the bottom box, Custom scans/fixes (Vlastni skenovani/opravy)
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    adp3132.sys
    AGP440.sys
    ahcix86.sys
    ahcix86s.sys
    atapi.sys
    autochk.exe
    cdrom.sys
    cngaudit.dll
    cryptsvc.dll
    eNetHook.dll
    eventlog.dll
    explorer.exe
    hal.dll
    Changer.sys
    iaStor.sys
    iastorv.sys
    IdeChnDr.sys
    isapnp.sys
    JakNDis.sys
    KR10N.sys
    logevent.dll
    lsass.exe
    mv61xx.sys
    ndis.sys
    netlogon.dll
    ntelogon.dll
    nvata.sys
    nvatabus.sys
    nvgts.sys
    nvraid.sys
    nvrd32.sys
    nvstor.sys
    nvstor32.sys
    scecli.dll
    sceclt.dll
    smss.exe
    svchost.exe
    symmpi.sys
    tcpip.sys
    userinit.exe
    vaxscsi.sys
    viamraid.sys
    viasraid.sys
    ViPrt.sys
    winlogon.exe
    ws2_32.dll
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
    
    type c:\boot.ini >> test.txt /c
    %SystemDrive%\PhysicalMBR.bin /md5 
  • Click the Scan (Prohledat) button
  • When the scan finishes (approx. 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both here

AngusCZ
Visitor
Posts: 38
Registered: 25 Jul 2011 12:09

Re: Fb virus

#8 Post by AngusCZ »

OTL logfile created on: 25.7.2011 17:31:30 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Jonas\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

895,30 Mb Total Physical Memory | 519,20 Mb Available Physical Memory | 57,99% Memory free
1,93 Gb Paging File | 1,43 Gb Available in Paging File | 74,03% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 18,68 Gb Free Space | 19,13% Space Free | Partition Type: NTFS
Drive D: | 51,39 Gb Total Space | 43,53 Gb Free Space | 84,72% Space Free | Partition Type: NTFS

Computer Name: HAD | User Name: Jonas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.07.25 17:26:28 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jonas\Plocha\OTL.exe
PRC - [2011.07.25 16:15:08 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
PRC - [2011.07.24 16:02:25 | 000,114,176 | ---- | M] () -- C:\WINDOWS\systemup.exe
PRC - [2011.07.24 16:00:26 | 000,340,992 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
PRC - [2011.07.24 16:00:26 | 000,340,992 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
PRC - [2011.07.24 15:58:04 | 000,495,616 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
PRC - [2011.07.24 15:35:10 | 001,174,016 | -H-- | M] () -- C:\WINDOWS\update.tray-7-0\svchost.exe
PRC - [2011.07.24 15:35:10 | 001,174,016 | -H-- | M] () -- C:\WINDOWS\update.tray-12-0\svchost.exe
PRC - [2011.07.24 15:35:10 | 001,174,016 | -H-- | M] () -- C:\WINDOWS\update.1\svchost.exe
PRC - [2011.07.24 15:35:10 | 001,174,016 | ---- | M] () -- C:\WINDOWS\services32.exe
PRC - [2011.06.24 12:30:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.03.05 11:50:19 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\system32\LGScsiCommandService.exe
PRC - [2009.12.12 13:45:01 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009.04.10 19:29:08 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.12.15 11:15:36 | 000,417,792 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gKbdTask.exe
PRC - [2006.12.14 14:43:30 | 000,331,776 | ---- | M] () -- C:\Genius\ioCentre\gAutoScroll.exe
PRC - [2006.12.08 22:09:56 | 000,241,664 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gTaskBar.exe
PRC - [2006.12.04 20:36:24 | 000,630,784 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gMouseTask.exe
PRC - [2006.12.04 19:24:56 | 000,409,600 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gDeskMgm.exe
PRC - [2006.11.10 11:40:24 | 000,491,520 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gZoom.exe
PRC - [2006.11.10 11:06:18 | 000,315,392 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gTaskSwitch.exe
PRC - [2006.11.09 19:29:26 | 000,229,376 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gMGlass.exe
PRC - [2006.11.09 18:56:38 | 000,315,392 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gIMMgm.exe
PRC - [2006.11.09 18:12:42 | 000,487,424 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gAutoPan.exe


========== Modules (SafeList) ==========

MOD - [2011.07.25 17:26:28 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jonas\Plocha\OTL.exe
MOD - [2009.12.12 13:46:17 | 000,102,400 | ---- | M] (RealPlayer) -- c:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll
MOD - [2008.04.15 19:51:49 | 001,724,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll
MOD - [2008.04.14 05:07:05 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AVG Security Toolbar Service)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (aawserviceACDaemon)
SRV - [2011.07.25 16:15:08 | 000,256,000 | ---- | M] () [Auto | Running] -- C:\windows\sysdriver32.exe -- (srvsysdriver32)
SRV - [2011.07.24 16:00:26 | 000,340,992 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.5.0\svchost.exe -- (srvbtcclient)
SRV - [2011.07.24 15:58:04 | 000,495,616 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.2\svchost.exe -- (srviecheck)
SRV - [2011.07.24 15:35:10 | 001,174,016 | -H-- | M] () [Auto | Running] -- C:\WINDOWS\update.1\svchost.exe -- (wxpdrivers)
SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.05 11:50:19 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) [Auto | Running] -- C:\WINDOWS\system32\LGScsiCommandService.exe -- (LGScsiCommandService)
SRV - [2006.07.05 15:02:03 | 000,358,008 | ---- | M] (Protection Technology (StarForce)) [Auto | Stopped] -- C:\windows\System32\sfrem01.exe -- (sfrem01) SF FrontLine Drivers Auto Removal (v1)
SRV - [2006.03.03 21:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Unknown | Running] -- -- (avgtdix)
DRV - [2011.02.04 23:23:07 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010.11.12 16:40:21 | 000,138,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2010.01.21 02:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.01.21 02:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.01.21 02:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.01.17 14:31:28 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\glaide32.sys -- (glaide32)
DRV - [2009.02.26 00:58:57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.01.12 20:09:53 | 000,082,296 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2006.08.28 23:54:56 | 000,010,664 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gan_adapter.sys -- (hamachi_oem)
DRV - [2006.08.23 09:28:28 | 004,356,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.08.11 15:47:13 | 000,059,776 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\windows\system32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006.07.14 08:33:58 | 000,009,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gMouUsb.sys -- (gMouUsb)
DRV - [2006.07.14 08:30:52 | 000,014,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gHidPnp.sys -- (gHidPnp)
DRV - [2006.07.12 05:48:46 | 000,017,408 | ---- | M] ( Mouse Upfilter Driver ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gMouPS2.sys -- (gmoups2)
DRV - [2006.07.10 18:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2006.07.05 14:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\windows\System32\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006.06.14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.08.09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\windows\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\windows\System32\drivers\sfhlp01.sys -- (sfhlp01)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll (ICQ)


IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2776682
IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - File not found
IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BrotherSoft Extreme Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT27766 ... hSource=13"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.3.3.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.webhledani.cz/results.aspx?i=39&tp=ab&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpf,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsjsrealplayerplugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Jonas\Data aplikací\Facebook\npfbplugin_1_0_3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\firefox\extensions\\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}: C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\
FF - HKEY_LOCAL_MACHINE\software\mozilla\firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.24 12:30:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.23 12:37:41 | 000,000,000 | ---D | M]

[2008.08.28 09:44:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Extensions
[2011.06.25 15:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions
[2011.06.25 15:37:02 | 000,000,000 | ---D | M] (BrotherSoft Extreme Community Toolbar) -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
[2011.06.21 14:39:55 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.06.25 15:37:03 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2011.06.25 15:37:05 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.05.01 10:15:59 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\DTToolbar@toolbarnet.com
[2011.03.23 19:26:16 | 000,000,941 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\conduit.xml
[2011.02.04 23:21:44 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\daemon-search.xml
[2011.07.23 19:35:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-1.xml
[2009.09.12 12:23:45 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-10.xml
[2009.10.07 16:11:44 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-11.xml
[2009.11.01 21:35:13 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-12.xml
[2009.12.17 08:29:20 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-13.xml
[2009.12.29 12:52:26 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-14.xml
[2010.01.24 15:26:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-15.xml
[2010.03.23 18:51:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-16.xml
[2010.04.03 19:08:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-17.xml
[2010.06.10 15:11:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-18.xml
[2010.06.29 19:21:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-19.xml
[2009.03.12 08:47:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-2.xml
[2010.07.22 11:00:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-20.xml
[2006.11.07 15:25:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-21.xml
[2010.09.09 07:34:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-22.xml
[2010.09.17 15:14:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-23.xml
[2010.10.21 21:14:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-24.xml
[2010.10.26 18:29:43 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-25.xml
[2010.11.07 15:29:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-26.xml
[2010.12.15 22:09:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-27.xml
[2011.03.06 13:23:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-28.xml
[2011.03.10 21:17:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-29.xml
[2009.03.28 14:12:03 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-3.xml
[2011.04.30 12:16:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-30.xml
[2011.04.30 12:27:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-31.xml
[2011.05.12 14:16:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-32.xml
[2011.06.24 12:31:22 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-33.xml
[2009.04.24 12:24:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-4.xml
[2009.04.29 07:03:49 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-5.xml
[2009.06.12 20:19:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-6.xml
[2009.07.22 11:58:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-7.xml
[2009.07.23 12:23:04 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-8.xml
[2009.08.06 09:02:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-9.xml
[2011.06.20 10:45:18 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin.gif
[2011.06.20 10:45:18 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin.src
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin.xml
[2009.10.28 23:01:46 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\sweetim.xml
[2009.05.06 09:52:54 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\winamp-search.xml
[2011.06.16 18:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.03.12 07:15:51 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.15 19:10:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) --
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JONAS\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\48OQF0SN.DEFAULT\EXTENSIONS\{51A86BB3-6602-4C85-92A5-130EE4864F13}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JONAS\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\48OQF0SN.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JONAS\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\48OQF0SN.DEFAULT\EXTENSIONS\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JONAS\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\48OQF0SN.DEFAULT\EXTENSIONS\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
[2011.05.15 19:10:12 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.06.24 12:30:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.15 19:10:11 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.07.25 12:31:17 | 000,203,160 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 vkontakte.ru
O1 - Hosts: 127.0.0.1 www.vkontakte.ru
O1 - Hosts: 127.0.0.1 login.vk.com
O1 - Hosts: 127.0.0.1 vk.com
O1 - Hosts: 127.0.0.1 www.vk.com
O1 - Hosts: 127.0.0.1 odnoklassniki.ru
O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 50060 more lines...
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin1.dll (Conduit Ltd.)
O2 - BHO: (no name) - {3B62CA4B-3794-4A44-88D8-2AEE76E79727} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - File not found
O2 - BHO: (no name) - {45D62B9F-37D5-4A13-8540-81ED1EE7BE46} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar BHO) - {a3bc75a2-1f87-4686-aa43-5347d756017c} - File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {eee6c35c-6118-11dc-9c72-001320c79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - File not found
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - File not found
O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [257215.exe] C:\WINDOWS\TEMP\257215.exe ()
O4 - HKLM..\Run: [6084484.exe] C:\WINDOWS\TEMP\6084484.exe ()
O4 - HKLM..\Run: [7153574.exe] C:\windows\TEMP\7153574.exe ()
O4 - HKLM..\Run: [72516206-loader2.exe] C:\WINDOWS\TEMP\72516206-loader2.exe ()
O4 - HKLM..\Run: [8375444.exe] C:\Documents and Settings\Jonas\Local Settings\Temp\8375444.exe ()
O4 - HKLM..\Run: [Alcmtr] C:\windows\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] File not found
O4 - HKLM..\Run: [AVG8_TRAY] File not found
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe (TODO: <Company name>)
O4 - HKLM..\Run: [l1rezerv.exe] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [sysdriver32.exe] C:\windows\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\windows\sysdriver32_.exe ()
O4 - HKLM..\Run: [systemup] C:\WINDOWS\systemup.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\WINDOWS\update.tray-12-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] C:\WINDOWS\update.tray-7-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [wxpdrv] C:\WINDOWS\services32.exe ()
O4 - HKU\S-1-5-21-1275210071-920026266-839522115-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1275210071-920026266-839522115-1004..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1275210071-920026266-839522115-1004..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.19.45.14 81.19.45.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\windows\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\crypt: DllName - crypts.dll - File not found
O20 - Winlogon\Notify\cryptnet32: DllName - cryptnet32.dll - File not found
O20 - Winlogon\Notify\urqpnljj: DllName - urqpnljj.dll - File not found
O20 - Winlogon\Notify\windmv32: DllName - windmv32.dll - File not found
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jonas\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jonas\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {3B62CA4B-3794-4A44-88D8-2AEE76E79727} - Reg Error: Key error. File not found
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\mlJcYqRH) - File not found
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.05.05 20:09:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{846a4945-f4e1-11df-8ac2-001921a736a8}\Shell - "" = AutoRun
O33 - MountPoints2\{846a4945-f4e1-11df-8ac2-001921a736a8}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Error creating restore point.

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\windows\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\windows\System32\ir32_32.dll (Ligos Corporation)
Drivers32: vidc.iv32 - C:\windows\System32\ir32_32.dll (Ligos Corporation)
Drivers32: vidc.iv41 - C:\windows\System32\ir41_32.ax (Ligos Corporation)
Drivers32: vidc.iv50 - C:\windows\System32\ir50_32.dll (Ligos Corporation)
Drivers32: VIDC.WMV3 - C:\windows\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yvu9 - C:\windows\System32\iyvu9_32.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.07.25 17:26:25 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jonas\Plocha\OTL.exe
[2011.07.25 17:25:40 | 001,090,912 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Jonas\Plocha\avg_remover_stf_x86_2011_1184.exe
[2011.07.25 13:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.07.25 13:17:25 | 000,000,000 | ---D | C] -- C:\rsit
[2011.07.24 18:45:17 | 001,436,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Jonas\Plocha\tdsskiller.exe
[2011.07.24 17:56:08 | 000,000,000 | ---D | C] -- C:\Valve
[2011.07.24 17:16:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Guitar and Bass
[2011.07.24 17:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Guitar and Bass
[2011.07.24 17:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jonas\Dokumenty\Guitar and Bass
[2011.07.24 17:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Guitar and Bass
[2011.07.24 17:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Guitar and Bass
[2011.07.24 16:38:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2011.07.24 16:17:57 | 000,000,000 | -H-D | C] -- C:\windows\update.tray-7-0-lnk
[2011.07.24 16:17:57 | 000,000,000 | -H-D | C] -- C:\windows\update.tray-7-0
[2011.07.24 16:12:52 | 000,309,848 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2011.07.24 16:12:52 | 000,019,544 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2011.07.24 16:12:50 | 000,025,432 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys
[2011.07.24 16:12:49 | 000,441,176 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2011.07.24 16:12:49 | 000,043,608 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2011.07.24 16:12:47 | 000,102,616 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswmon2.sys
[2011.07.24 16:12:47 | 000,096,344 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswmon.sys
[2011.07.24 16:12:47 | 000,030,808 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aavmker4.sys
[2011.07.24 16:12:07 | 000,199,304 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2011.07.24 16:12:07 | 000,040,112 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2011.07.24 16:04:13 | 000,000,000 | ---D | C] -- C:\windows\rpcminer
[2011.07.24 16:04:13 | 000,000,000 | ---D | C] -- C:\windows\phoenix
[2011.07.24 16:00:27 | 000,000,000 | -H-D | C] -- C:\windows\update.5.0
[2011.07.24 15:58:05 | 000,000,000 | -H-D | C] -- C:\windows\update.2
[2011.07.24 15:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\WinRAR
[2011.07.24 15:51:47 | 000,000,000 | ---D | C] -- C:\windows\av_ico
[2011.07.24 15:50:13 | 000,000,000 | -H-D | C] -- C:\windows\update.1
[2011.07.24 15:49:09 | 000,000,000 | -H-D | C] -- C:\windows\update.tray-12-0-lnk
[2011.07.24 15:49:09 | 000,000,000 | -H-D | C] -- C:\windows\update.tray-12-0
[2011.07.23 19:31:21 | 000,000,000 | ---D | C] -- C:\Program Files\Valve
[2011.07.18 19:30:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jonas\Plocha\Mix rock
[4 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.07.25 17:33:02 | 000,000,940 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.25 17:32:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.07.25 17:26:28 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jonas\Plocha\OTL.exe
[2011.07.25 17:25:44 | 001,090,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Jonas\Plocha\avg_remover_stf_x86_2011_1184.exe
[2011.07.25 16:15:20 | 000,000,179 | ---- | M] () -- C:\windows\info1
[2011.07.25 16:15:08 | 000,256,000 | ---- | M] () -- C:\windows\sysdriver32_.exe
[2011.07.25 16:15:08 | 000,256,000 | ---- | M] () -- C:\windows\sysdriver32.exe
[2011.07.25 13:33:00 | 000,000,936 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.25 13:08:52 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Jonas\Plocha\RSIT.exe
[2011.07.25 12:33:23 | 005,589,370 | ---- | M] () -- C:\windows\phoenix.rar
[2011.07.25 12:33:23 | 000,246,272 | ---- | M] () -- C:\windows\unrar.exe
[2011.07.25 12:33:22 | 001,075,284 | ---- | M] () -- C:\windows\rpcminer.rar
[2011.07.25 12:30:36 | 000,001,704 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2011.07.25 12:30:03 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2011.07.25 12:10:42 | 001,008,041 | ---- | M] () -- C:\Documents and Settings\Jonas\Plocha\rkill.com
[2011.07.25 11:58:09 | 000,000,217 | ---- | M] () -- C:\boot.ini
[2011.07.24 18:45:27 | 001,436,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Jonas\Plocha\tdsskiller.exe
[2011.07.24 18:00:45 | 000,001,357 | ---- | M] () -- C:\Documents and Settings\Jonas\Plocha\Counter-Strike 1.6.lnk
[2011.07.24 17:16:06 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Guitar and Bass.lnk
[2011.07.24 16:38:20 | 000,002,552 | ---- | M] () -- C:\windows\System32\CONFIG.NT
[2011.07.24 16:02:25 | 000,114,176 | ---- | M] () -- C:\windows\systemup.exe
[2011.07.24 15:56:35 | 000,904,792 | ---- | M] () -- C:\windows\geoiplist.rar
[2011.07.24 15:54:22 | 000,000,000 | ---- | M] () -- C:\windows\loader2.exe_ok
[2011.07.24 15:35:10 | 001,174,016 | ---- | M] () -- C:\windows\services32.exe
[2011.07.24 10:36:13 | 079,970,788 | ---- | M] () -- C:\windows\System32\drivers\Avg\incavi.avm
[2011.07.23 19:44:33 | 000,019,848 | ---- | M] () -- C:\Documents and Settings\Jonas\Plocha\[CzT]Counter_Strike_1_6_bots_100_serveru_100_nej_map.torrent
[2011.07.23 18:28:00 | 000,118,152 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011.07.21 11:08:09 | 000,013,646 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2011.07.19 18:07:00 | 000,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
[2011.07.18 19:48:32 | 000,000,116 | ---- | M] () -- C:\windows\NeroDigital.ini
[4 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.07.25 17:30:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.07.25 13:08:49 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Jonas\Plocha\RSIT.exe
[2011.07.25 12:10:38 | 001,008,041 | ---- | C] () -- C:\Documents and Settings\Jonas\Plocha\rkill.com
[2011.07.24 17:59:21 | 000,001,357 | ---- | C] () -- C:\Documents and Settings\Jonas\Plocha\Counter-Strike 1.6.lnk
[2011.07.24 17:16:06 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Guitar and Bass.lnk
[2011.07.24 16:12:53 | 000,001,704 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2011.07.24 16:04:11 | 005,589,370 | ---- | C] () -- C:\windows\phoenix.rar
[2011.07.24 16:04:07 | 001,075,284 | ---- | C] () -- C:\windows\rpcminer.rar
[2011.07.24 16:02:33 | 000,114,176 | ---- | C] () -- C:\windows\systemup.exe
[2011.07.24 15:56:38 | 000,000,179 | ---- | C] () -- C:\windows\info1
[2011.07.24 15:56:36 | 004,636,907 | ---- | C] () -- C:\windows\geoiplist
[2011.07.24 15:56:35 | 000,904,792 | ---- | C] () -- C:\windows\geoiplist.rar
[2011.07.24 15:56:35 | 000,246,272 | ---- | C] () -- C:\windows\unrar.exe
[2011.07.24 15:54:22 | 000,000,000 | ---- | C] () -- C:\windows\loader2.exe_ok
[2011.07.24 15:52:56 | 000,256,000 | ---- | C] () -- C:\windows\sysdriver32_.exe
[2011.07.24 15:52:42 | 000,256,000 | ---- | C] () -- C:\windows\sysdriver32.exe
[2011.07.24 15:35:31 | 001,174,016 | ---- | C] () -- C:\windows\services32.exe
[2011.07.23 19:44:31 | 000,019,848 | ---- | C] () -- C:\Documents and Settings\Jonas\Plocha\[CzT]Counter_Strike_1_6_bots_100_serveru_100_nej_map.torrent
[2011.03.26 12:58:19 | 000,319,488 | R--- | C] () -- C:\windows\System32\MafiaSetup.exe
[2011.03.25 09:13:42 | 000,056,320 | ---- | C] () -- C:\windows\System32\iyvu9_32.dll
[2011.03.20 11:18:23 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2011.02.20 19:24:13 | 000,000,016 | ---- | C] () -- C:\windows\System32\crt.dat
[2011.02.18 18:47:28 | 000,296,286 | ---- | C] () -- C:\windows\System32\shimg.dll
[2010.12.18 15:03:43 | 000,000,664 | ---- | C] () -- C:\windows\System32\d3d9caps.dat
[2010.11.11 22:07:57 | 000,138,184 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys
[2010.11.11 22:07:56 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Jonas\Data aplikací\PnkBstrK.sys
[2010.11.11 22:07:34 | 000,215,016 | ---- | C] () -- C:\windows\System32\PnkBstrB.exe
[2010.11.11 22:07:30 | 000,075,064 | ---- | C] () -- C:\windows\System32\PnkBstrA.exe
[2010.11.11 22:07:29 | 002,427,248 | ---- | C] () -- C:\windows\System32\pbsvc_heroes.exe
[2010.06.15 03:29:18 | 000,005,632 | ---- | C] () -- C:\windows\System32\StarOpen.sys
[2010.03.24 14:19:37 | 000,010,240 | ---- | C] () -- C:\windows\System32\vidx16.dll
[2010.03.07 16:11:58 | 000,000,050 | ---- | C] () -- C:\windows\cdplayer.ini
[2010.02.21 21:36:44 | 000,237,568 | ---- | C] () -- C:\windows\System32\lame_enc.dll
[2009.12.14 12:33:14 | 000,072,360 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.11.25 16:49:42 | 000,014,848 | ---- | C] () -- C:\windows\System32\drivers\gHidPnp.sys
[2009.11.25 16:49:42 | 000,009,984 | ---- | C] () -- C:\windows\System32\drivers\gMouUsb.sys
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\windows\System32\xlive.dll.cat
[2009.08.27 21:12:05 | 000,000,400 | ---- | C] () -- C:\windows\T602.INI
[2009.05.15 16:02:30 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\glaide32.sys
[2009.03.06 15:20:32 | 000,000,703 | ---- | C] () -- C:\windows\level.ini
[2009.03.06 15:20:32 | 000,000,476 | ---- | C] () -- C:\windows\tmp2Level.ini
[2009.02.03 17:44:28 | 000,217,088 | ---- | C] () -- C:\windows\System32\libmySQL.dll
[2009.02.03 17:44:28 | 000,102,400 | ---- | C] () -- C:\windows\System32\TrackerNET.dll
[2009.02.03 17:34:47 | 000,000,340 | ---- | C] () -- C:\windows\SIERRA.INI
[2009.02.01 19:19:53 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2008.12.02 16:50:50 | 000,008,192 | ---- | C] () -- C:\windows\d3dx.dat
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2008.11.03 20:02:32 | 000,063,488 | ---- | C] () -- C:\windows\xobglu16.dll
[2008.11.03 20:02:32 | 000,023,552 | ---- | C] () -- C:\windows\xobglu32.dll
[2008.10.14 18:57:32 | 000,354,816 | ---- | C] () -- C:\windows\System32\psisdecd.dll
[2008.10.13 19:32:46 | 000,000,390 | ---- | C] () -- C:\windows\ODBC.INI
[2008.07.02 19:24:24 | 001,611,957 | -HS- | C] () -- C:\windows\System32\vuqbumcn.ini
[2008.07.01 18:36:10 | 001,605,366 | -HS- | C] () -- C:\windows\System32\oqyoynnq.ini
[2008.06.30 15:39:05 | 001,298,882 | -HS- | C] () -- C:\windows\System32\lgsauxmi.ini
[2008.06.29 12:11:17 | 001,322,139 | -HS- | C] () -- C:\windows\System32\nkfuvnag.ini
[2008.06.28 12:13:00 | 001,414,949 | -HS- | C] () -- C:\windows\System32\wajnhiyi.ini
[2008.06.27 08:59:24 | 001,528,032 | -HS- | C] () -- C:\windows\System32\wivvhmvc.ini
[2008.06.26 06:43:02 | 001,705,138 | -HS- | C] () -- C:\windows\System32\uijsiahk.ini
[2008.06.24 18:40:03 | 001,699,479 | -HS- | C] () -- C:\windows\System32\iycatrtf.ini
[2008.06.23 18:40:33 | 001,699,508 | -HS- | C] () -- C:\windows\System32\aabtixsk.ini
[2008.06.22 18:37:57 | 001,748,328 | -HS- | C] () -- C:\windows\System32\swwmraht.ini
[2008.06.21 18:37:10 | 001,607,314 | -HS- | C] () -- C:\windows\System32\vrjdnadq.ini
[2008.06.20 16:24:56 | 001,600,705 | -HS- | C] () -- C:\windows\System32\vjfbaoac.ini
[2008.06.19 16:23:08 | 001,600,765 | -HS- | C] () -- C:\windows\System32\jyuwexck.ini
[2008.06.17 11:20:36 | 000,096,047 | -HS- | C] () -- C:\windows\System32\HRqYcJlm.ini2
[2008.06.17 11:20:35 | 000,096,047 | -HS- | C] () -- C:\windows\System32\HRqYcJlm.ini
[2008.05.06 08:14:38 | 000,000,116 | ---- | C] () -- C:\windows\NeroDigital.ini
[2008.05.05 22:37:19 | 000,001,291 | ---- | C] () -- C:\windows\mozver.dat
[2008.05.05 22:01:18 | 000,004,249 | ---- | C] () -- C:\windows\ODBCINST.INI
[2008.05.05 22:00:05 | 000,118,152 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2008.05.05 21:41:52 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2008.05.05 21:07:13 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\Jonas\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.05.05 20:58:15 | 000,000,084 | ---- | C] () -- C:\windows\winamp.ini
[2008.05.05 20:43:31 | 000,077,824 | R--- | C] () -- C:\windows\System32\HPZIDS01.dll
[2008.05.05 20:39:21 | 000,126,897 | ---- | C] () -- C:\windows\hpoins11.dat
[2008.05.05 20:33:15 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2008.05.05 20:22:46 | 000,593,920 | ---- | C] () -- C:\windows\System32\ati2sgag.exe
[2008.05.05 20:11:51 | 000,002,048 | --S- | C] () -- C:\windows\bootstat.dat
[2008.05.05 20:06:16 | 000,021,812 | ---- | C] () -- C:\windows\System32\emptyregdb.dat
[2008.02.26 04:41:28 | 003,107,788 | ---- | C] () -- C:\windows\System32\ativvaxx.dat
[2008.02.26 04:41:28 | 003,107,788 | ---- | C] () -- C:\windows\System32\ativva5x.dat
[2008.02.26 04:41:28 | 000,887,724 | ---- | C] () -- C:\windows\System32\ativva6x.dat
[2008.02.14 19:35:13 | 000,182,995 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2006.08.28 23:54:56 | 000,010,875 | ---- | C] () -- C:\windows\System32\nicmgr.exe
[2006.05.06 01:48:52 | 000,011,634 | ---- | C] () -- C:\windows\hpomdl11.dat
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\windows\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\windows\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\windows\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\windows\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\windows\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\windows\System32\ogg.dll
[2004.09.30 09:17:31 | 000,001,578 | ---- | C] () -- C:\windows\System32\OEMINFO.INI
[2004.08.18 16:00:00 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2004.08.18 16:00:00 | 000,432,492 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2004.08.18 16:00:00 | 000,429,024 | ---- | C] () -- C:\windows\System32\perfh005.dat
[2004.08.18 16:00:00 | 000,272,128 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2004.08.18 16:00:00 | 000,269,162 | ---- | C] () -- C:\windows\System32\perfi005.dat
[2004.08.18 16:00:00 | 000,218,003 | ---- | C] () -- C:\windows\System32\dssec.dat
[2004.08.18 16:00:00 | 000,078,052 | ---- | C] () -- C:\windows\System32\perfc005.dat
[2004.08.18 16:00:00 | 000,067,448 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2004.08.18 16:00:00 | 000,046,258 | ---- | C] () -- C:\windows\System32\mib.bin
[2004.08.18 16:00:00 | 000,032,072 | ---- | C] () -- C:\windows\System32\perfd005.dat
[2004.08.18 16:00:00 | 000,028,626 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2004.08.18 16:00:00 | 000,004,569 | ---- | C] () -- C:\windows\System32\secupd.dat
[2004.08.18 16:00:00 | 000,001,804 | ---- | C] () -- C:\windows\System32\dcache.bin
[2004.08.18 16:00:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\noise.dat
[2002.04.02 22:03:30 | 013,107,200 | ---- | C] () -- C:\windows\System32\oembios.bin
[2002.04.02 22:02:34 | 000,004,688 | ---- | C] () -- C:\windows\System32\oembios.dat
[2001.07.07 03:00:00 | 000,003,165 | ---- | C] () -- C:\windows\System32\HPTCPMON.INI
[1999.01.22 19:46:58 | 000,065,536 | ---- | C] () -- C:\windows\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2009.12.26 14:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.01.03 13:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.07.24 17:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Guitar and Bass
[2011.05.17 11:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.07.15 20:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2011.06.12 11:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nexon
[2011.06.12 11:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NexonEU
[2009.12.26 14:42:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\page
[2009.10.28 23:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2011.02.20 19:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.02.13 14:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Test Drive Unlimited
[2010.10.24 19:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.05.15 19:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\.minecraft
[2009.12.26 14:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Ashampoo
[2009.06.03 21:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\AVGTOOLBAR
[2011.02.23 18:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\avidemux
[2009.12.14 13:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\CoCreate
[2011.01.03 13:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\DAEMON Tools Lite
[2010.12.30 20:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Gearbox Software
[2011.05.24 17:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\GetRightToGo
[2011.07.12 17:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\ICQ
[2008.05.12 19:56:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\ICQ Toolbar
[2011.07.13 20:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Image Zone Express
[2011.06.12 11:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\PriceGong
[2011.07.23 21:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\uTorrent
[2008.05.29 15:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\XnView
[2009.06.28 11:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVGTOOLBAR
[2010.07.15 14:31:02 | 000,000,364 | ---- | M] () -- C:\windows\Tasks\Install_NSS.job

AngusCZ
Visitor
Posts: 38
Joined: 25 Jul 2011 12:09

Re: Fb virus

#9 Post by AngusCZ »

========== Purity Check ==========



========== Custom Scans ==========


< >

< >


< MD5 for: AGP440.SYS >
[2004.08.18 16:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.08.21 09:44:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.08.21 09:44:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 16:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.08.21 09:44:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.08.21 09:44:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.18 16:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 16:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.18 16:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.08.21 09:44:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.08.21 09:44:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 16:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.18 16:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 16:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 16:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 16:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.08.21 09:44:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.08.21 09:44:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 16:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.18 16:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.08.21 09:44:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.08.21 09:44:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.08.21 09:44:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.08.21 09:44:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2004.08.18 16:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.18 16:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 16:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.18 16:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 16:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.18 16:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2011.07.24 15:35:10 | 001,174,016 | -H-- | M] () MD5=1CDE7D12FC813E413A232B4D672DE7D5 -- C:\WINDOWS\update.1\svchost.exe
[2011.07.24 15:35:10 | 001,174,016 | -H-- | M] () MD5=1CDE7D12FC813E413A232B4D672DE7D5 -- C:\WINDOWS\update.tray-12-0\svchost.exe
[2011.07.24 15:35:10 | 001,174,016 | -H-- | M] () MD5=1CDE7D12FC813E413A232B4D672DE7D5 -- C:\WINDOWS\update.tray-12-0-lnk\svchost.exe
[2011.07.24 15:35:10 | 001,174,016 | -H-- | M] () MD5=1CDE7D12FC813E413A232B4D672DE7D5 -- C:\WINDOWS\update.tray-7-0\svchost.exe
[2011.07.24 15:35:10 | 001,174,016 | -H-- | M] () MD5=1CDE7D12FC813E413A232B4D672DE7D5 -- C:\WINDOWS\update.tray-7-0-lnk\svchost.exe
[2011.07.24 15:58:04 | 000,495,616 | ---- | M] () MD5=B29DC60E06AF2B9ED13E6C6935BC3670 -- C:\WINDOWS\update.2\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2011.07.24 16:00:26 | 000,340,992 | ---- | M] () MD5=DDE08469DED554140851ACFFCB8F4802 -- C:\WINDOWS\update.5.0\svchost.exe
[2004.08.18 16:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 16:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 16:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.18 16:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.18 16:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[6 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\2276f493c4f60476e857aafedebb5513\*.tmp files -> C:\windows\SoftwareDistribution\Download\2276f493c4f60476e857aafedebb5513\*.tmp -> ]
[4 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
[1 C:\windows\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\windows\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[1 C:\windows\twain_32\*.tmp files -> C:\windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.05.15 19:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\.minecraft
[2008.05.16 14:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Adobe
[2010.10.25 14:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Apple Computer
[2008.12.24 20:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\ArcSoft
[2009.12.26 14:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Ashampoo
[2009.03.20 15:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\ATI
[2009.06.03 21:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\AVGTOOLBAR
[2011.02.23 18:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\avidemux
[2009.12.14 13:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\CoCreate
[2011.01.03 13:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\DAEMON Tools Lite
[2010.07.15 11:52:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\DivX
[2010.03.02 21:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\FastStone
[2010.12.30 20:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Gearbox Software
[2011.05.24 17:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\GetRightToGo
[2010.07.26 14:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Google
[2008.07.09 19:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Help
[2008.05.05 20:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\HP
[2011.07.12 17:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\ICQ
[2008.05.12 19:56:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\ICQ Toolbar
[2008.05.05 20:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Identities
[2011.07.13 20:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Image Zone Express
[2008.12.24 19:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\InstallShield
[2010.11.01 19:19:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\InstallShield Installation Information
[2008.05.05 21:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Macromedia
[2011.02.25 20:26:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jonas\Data aplikací\Microsoft
[2008.10.13 19:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Microsoft Web Folders
[2008.08.28 09:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla
[2011.06.12 11:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\PriceGong
[2010.03.03 15:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Real
[2009.08.24 12:32:03 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jonas\Data aplikací\SecuROM
[2011.07.25 12:31:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Skype
[2011.03.29 13:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\skypePM
[2009.07.13 09:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Sun
[2011.07.23 21:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\uTorrent
[2009.05.07 12:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Winamp
[2009.03.06 14:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\WinRAR
[2009.07.13 17:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\Xfire
[2008.05.29 15:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\XnView

< %APPDATA%\*.exe /s >
[2008.08.16 12:07:28 | 001,526,544 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Jonas\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2009.06.17 20:08:21 | 001,878,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Jonas\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2009.12.12 13:37:44 | 000,402,952 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Jonas\Data aplikací\Real\RealPlayer\setup\AU_setup11.exe
[2010.06.26 13:53:40 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Jonas\Data aplikací\Real\Update\setup3.10\setup.exe
[2011.07.22 15:40:01 | 000,308,864 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Jonas\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\8.01\rnupgagent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.05.05 21:59:32 | 000,094,208 | ---- | M] () -- C:\windows\System32\config\default.sav
[2008.05.05 21:59:32 | 000,638,976 | ---- | M] () -- C:\windows\System32\config\software.sav
[2008.05.05 21:59:31 | 000,454,656 | ---- | M] () -- C:\windows\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.07.24 16:38:20 | 000,002,552 | ---- | M] () -- C:\windows\system32\CONFIG.NT
[2011.07.23 18:28:00 | 000,118,152 | ---- | M] () -- C:\windows\system32\FNTCACHE.DAT
[4 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\windows\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 05:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
"Steam" = "c:\program files\steam\steam.exe" -silent -- [2010.12.30 23:14:38 | 001,242,448 | ---- | M] (Valve Corporation)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2008.11.07 15:31:38 | 021,633,320 | R--- | M] (Skype Technologies S.A.)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.08.06 15:01:12 | 000,039,408 | ---- | M] (Google Inc.)
"ICQ" = "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4 -- [2011.06.29 10:46:19 | 000,124,216 | ---- | M] (ICQ, LLC.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %fystemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %fystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.07.25 17:32:00 | 000,000,512 | ---- | M] () MD5=EBD235D2C6CE733AE6DE125C5A4C440D -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Jonas\Plocha\14.rar:SummaryInformation
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8

< End of report >

AngusCZ
Visitor
Posts: 38
Joined: 25 Jul 2011 12:09

Re: Fb virus

#10 Post by AngusCZ »

And the Extras: OTL Extras logfile created on: 25.7.2011 17:31:30 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Jonas\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

895,30 Mb Total Physical Memory | 519,20 Mb Available Physical Memory | 57,99% Memory free
1,93 Gb Paging File | 1,43 Gb Available in Paging File | 74,03% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 18,68 Gb Free Space | 19,13% Space Free | Partition Type: NTFS
Drive D: | 51,39 Gb Total Space | 43,53 Gb Free Space | 84,72% Space Free | Partition Type: NTFS

Computer Name: HAD | User Name: Jonas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"DisableThumbnailCache" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\FlatOut2\FlatOut2.exe" = C:\Program Files\FlatOut2\FlatOut2.exe:*:Disabled:FlatOut2 -- ()
"C:\Program Files\FlatOut\flatout.exe" = C:\Program Files\FlatOut\flatout.exe:*:Disabled:flatout
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client
"C:\Program Files\TrackMania Sunrise\TmSunrise.exe" = C:\Program Files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\ABC\Alpine Skiing & Ski Jumping\Alpine Skiing\alpineski.exe" = C:\Program Files\ABC\Alpine Skiing & Ski Jumping\Alpine Skiing\alpineski.exe:*:Enabled:alpineski
"C:\Program Files\Counter-Strike Source\hl2.exe" = C:\Program Files\Counter-Strike Source\hl2.exe:*:Disabled:hl2
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\Valve\hl.exe" = C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Games\cs-nonsteam\hl.exe" = C:\Games\cs-nonsteam\hl.exe:*:Enabled:Half-Life Launcher
"C:\SIERRA\Half-Life\hlds.exe" = C:\SIERRA\Half-Life\hlds.exe:*:Enabled:hlds -- ()
"C:\SIERRA\Half-Life\valve\cs-nonsteam\hl.exe" = C:\SIERRA\Half-Life\valve\cs-nonsteam\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Counter-Strike 1.6\hl.exe" = C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher
"C:\Program Files\Counter-strike\hl.exe" = C:\Program Files\Counter-strike\hl.exe:*:Enabled:Half-Life Launcher
"C:\Program Files\JoWooD\King\king.exe" = C:\Program Files\JoWooD\King\king.exe:*:Enabled:king
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Counter Strike Source\hl2.exe" = C:\Program Files\Counter Strike Source\hl2.exe:*:Disabled:hl2
"C:\Program Files\Counter Strike Source\srcds.exe" = C:\Program Files\Counter Strike Source\srcds.exe:*:Enabled:srcds
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\1C\UAZ Racing 4x4\uaz4x4.exe" = C:\Program Files\1C\UAZ Racing 4x4\uaz4x4.exe:*:Enabled:UAZ 4x4
"C:\WINDOWS\system32\winver.exe" = C:\WINDOWS\system32\winver.exe:*:Enabled:winver -- (Microsoft Corporation)
"C:\Program Files\Steam\steamapps\jonas66940\race on - demo\RaceOn_Demo_Steam.exe" = C:\Program Files\Steam\steamapps\jonas66940\race on - demo\RaceOn_Demo_Steam.exe:*:Enabled:RACE On - DEMO
"C:\Program Files\Steam\steamapps\jonas66940\race on - demo\Config.exe" = C:\Program Files\Steam\steamapps\jonas66940\race on - demo\Config.exe:*:Enabled:RACE On - DEMO
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Techland\Call of Juarez\CoJ.exe" = C:\Program Files\Techland\Call of Juarez\CoJ.exe:*:Enabled:The Call of Juarez
"D:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe" = D:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited
"D:\Program Files\Counter Strike Source\hl2.exe" = D:\Program Files\Counter Strike Source\hl2.exe:*:Enabled:hl2
"D:\Program Files\Day of Defeat\hl2.exe" = D:\Program Files\Day of Defeat\hl2.exe:*:Enabled:hl2
"C:\Program Files\Steam\steamapps\jonas66940\zombie panic! source\hl2.exe" = C:\Program Files\Steam\steamapps\jonas66940\zombie panic! source\hl2.exe:*:Enabled:Zombie Panic Source -- ()
"C:\Program Files\Steam\steamapps\jonas66940\zombie panic! source dedicated server\srcds.exe" = C:\Program Files\Steam\steamapps\jonas66940\zombie panic! source dedicated server\srcds.exe:*:Enabled:Zombie Panic Source Dedicated Server -- ()
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Program Files\Valve\hlds.exe" = C:\Program Files\Valve\hlds.exe:*:Enabled:HLDS Launcher
"C:\Program Files\Counter-Strike Xtreme V5\hl.exe" = C:\Program Files\Counter-Strike Xtreme V5\hl.exe:*:Enabled:Half-Life Launcher
"C:\Program Files\Valve\half-life 2\hl2.exe" = C:\Program Files\Valve\half-life 2\hl2.exe:*:Enabled:HL2_1
"C:\Program Files\Valve\half-life 2 episode one\hl2.exe" = C:\Program Files\Valve\half-life 2 episode one\hl2.exe:*:Enabled:HL2_2
"C:\Program Files\Valve\half-life 2 episode two\hl2.exe" = C:\Program Files\Valve\half-life 2 episode two\hl2.exe:*:Enabled:HL2_3
"C:\Program Files\Counter-Strike Source\Counter Strike Source 2010\hl2.exe" = C:\Program Files\Counter-Strike Source\Counter Strike Source 2010\hl2.exe:*:Enabled:hl2
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*:Enabled:Combat Arms
"C:\Program Files\Steam\steamapps\anguscz\zombie panic! source\hl2.exe" = C:\Program Files\Steam\steamapps\anguscz\zombie panic! source\hl2.exe:*:Enabled:hl2 -- ()
"C:\SIERRA\Half-Life\hl.exe" = C:\SIERRA\Half-Life\hl.exe:*:Enabled:Half-Life Launcher -- (Valve, L.L.C.)
"C:\Documents and Settings\Jonas\Dokumenty\Downloads\Flash-Player.exe" = C:\Documents and Settings\Jonas\Dokumenty\Downloads\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Jonas\Dokumenty\Downloads\Flash-Player.exe
"C:\WINDOWS\update.1\svchost.exe" = C:\windows\update.1\svchost.exe:*:Enabled:C:\windows\update.1\svchost.exe -- ()
"C:\WINDOWS\services32.exe" = C:\WINDOWS\services32.exe:*:Enabled:C:\WINDOWS\services32.exe -- ()
"C:\WINDOWS\update.tray-12-0\svchost.exe" = C:\WINDOWS\update.tray-12-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-12-0\svchost.exe -- ()
"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe -- ()
"C:\WINDOWS\update.tray-7-0-lnk\svchost.exe" = C:\WINDOWS\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0-lnk\svchost.exe -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15CEC2E1-16AF-11D9-88E4-0004769F25D1}" = Colin McRae Rally 2005
"{18455581-e099-4ba8-bc6b-f34b2f06600c}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{31cf6c0e-51f0-41d2-b088-a6a143c4303c}" = SweetIM Toolbar for Internet Explorer 3.6
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4324BC93-C82F-ED16-BA86-5E34B9E05303}" = ccc-core-static
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C420363-F759-444C-B9D5-A0FED9A2F8A1}" = Day of Defeat Source
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{4ED118EE-785C-CC18-5D2E-D5CA4BAA03F0}" = Catalyst Control Center Graphics Full New
"{539475B7-44B7-8B0A-134C-F01B9C8B7569}" = ccc-core-preinstall
"{5AC7AE54-55DF-1126-076C-623F008D40B6}" = Catalyst Control Center Graphics Full Existing
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5C85747A-91B6-4233-AAF8-063506D0FF4F}" = LG United Mobile Drivers
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6351D217-3EE3-1967-29BE-6A77635FE485}" = Skins
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB9CD3A-F91F-233B-923B-6C59BA63524D}" = Catalyst Control Center HydraVision Full
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7CDC26F7-D6BF-442A-B599-0075A48310F7}" = SA32xx Device Manager
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{85A91C22-C369-FCFB-5F1F-D59EB21AD0E1}" = CCC Help English
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8D8B167A-ED0F-43F1-AC10-3F4379F7CBBB}" = ArcSoft MediaConverter 2.5
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FC8D8F8-AF3A-4488-98AF-51C6DEC732F2}" = c3100_Help
"{a2b4621b-ceb9-4e44-95fd-3500d4db3727}" = ioCentre
"{a3051cd0-2f64-3813-a88d-b8dccde8f8c7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6D0140F-E62F-9D1E-2408-9CFF91FF6FC8}" = ccc-utility
"{a92dab39-4e2c-4304-9ab6-bc44e68b55e2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{c09fb3cd-3d0c-3f2d-899a-6a1d67f2073f}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C44A7422-E380-44BE-79FE-1C032D8A03A7}" = Catalyst Control Center Core Implementation
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{ce2cdd62-0124-36ca-84d3-9f4dcf5c5bd9}" = Microsoft .NET Framework 3.5 SP1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{df6f459c-8b89-4f88-b63f-a2e136bb6b79}" = SweetIM for Messenger 2.8
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E5D24929-91A4-B0A1-DE00-AFC453921EF7}" = Catalyst Control Center Graphics Light
"{E6C09BFB-BA75-15C7-5B18-A2CE31C4F42B}" = Catalyst Control Center Graphics Previews Common
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EB8C9964-09AC-48bf-8B98-027609C78251}" = C3100
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{ff66e9f6-83e7-3a3e-af14-8de9a809a6a4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFB768E4-E427-4553-BC36-A11F5E62A94D}" = Adobe Flash Player 10 ActiveX
"µtorrent cz_is1" = µTorrent CZ 1.8.3 (build 15638)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"avg8uninstall" = AVG Free 8.5
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"EAX Unified" = EAX Unified
"FastStone Image Viewer" = FastStone Image Viewer 4.0
"Fraps" = Fraps (remove only)
"Game Booster_is1" = Game Booster
"google chrome" = Google Chrome
"Guitar and Bass_is1" = Guitar and Bass
"Half-Life" = Half-Life
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Mafia Game" = Mafia Game
"microsoft .net framework 3.5 sp1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 5.0 (x86 cs)" = Mozilla Firefox 5.0 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyAshampoo Toolbar" = MyAshampoo Toolbar
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"pod-bot 2.5" = POD-Bot 2.5
"PunkBusterSvc" = PunkBuster Services
"realplayer 12.0" = RealPlayer
"RegCleaner_is1" = RegCleaner 3.5
"Sierra Utilities" = Sierra Utilities
"Steam App 17505" = Zombie Panic Source Dedicated Server
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.82.4

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Counter-Strike" = Counter-Strike

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 23.7.2011 11:58:05 | Computer Name = HAD | Source = Application Error | ID = 1000
Description = Chybující aplikace uninstal.exe, verze 0.0.0.0, chybující modul uninstal.exe,
verze 0.0.0.0, adresa chyby 0x00004313.

Error - 23.7.2011 11:58:15 | Computer Name = HAD | Source = Application Error | ID = 1000
Description = Chybující aplikace uninstal.exe, verze 0.0.0.0, chybující modul uninstal.exe,
verze 0.0.0.0, adresa chyby 0x00004313.

Error - 23.7.2011 11:59:11 | Computer Name = HAD | Source = Application Error | ID = 1000
Description = Chybující aplikace uninstal.exe, verze 0.0.0.0, chybující modul uninstal.exe,
verze 0.0.0.0, adresa chyby 0x00004313.

Error - 23.7.2011 11:59:27 | Computer Name = HAD | Source = Application Error | ID = 1000
Description = Chybující aplikace uninstal.exe, verze 0.0.0.0, chybující modul uninstal.exe,
verze 0.0.0.0, adresa chyby 0x00004313.

Error - 23.7.2011 11:59:32 | Computer Name = HAD | Source = Application Error | ID = 1000
Description = Chybující aplikace uninstal.exe, verze 0.0.0.0, chybující modul uninstal.exe,
verze 0.0.0.0, adresa chyby 0x00004313.

Error - 23.7.2011 12:01:08 | Computer Name = HAD | Source = Application Error | ID = 1000
Description = Chybující aplikace uninstal.exe, verze 0.0.0.0, chybující modul uninstal.exe,
verze 0.0.0.0, adresa chyby 0x00004313.

Error - 23.7.2011 12:03:45 | Computer Name = HAD | Source = MsiInstaller | ID = 10005
Description = Product: LG USB Modem Drivers -- Error 2753.The File 'exeremover.exe'
is not marked for installation.

Error - 23.7.2011 12:03:57 | Computer Name = HAD | Source = MsiInstaller | ID = 10005
Description = Product: LG United Mobile Drivers -- Error 2753.The File 'exeremover.exe'
is not marked for installation.

Error - 24.7.2011 10:49:05 | Computer Name = HAD | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Skype.exe, verze 3.8.0.188, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 24.7.2011 13:29:02 | Computer Name = HAD | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Skype.exe, verze 3.8.0.188, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 25.7.2011 6:31:29 | Computer Name = HAD | Source = Service Control Manager | ID = 7001
Description = Služba AVG Free8 E-mail Scanner závisí na službě AVG Free8 WatchDog,
která neuspěla při spuštění v důsledku následující chyby: %%3

Error - 25.7.2011 6:31:29 | Computer Name = HAD | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: i8042prt

Error - 25.7.2011 6:31:29 | Computer Name = HAD | Source = Service Control Manager | ID = 7000
Description = Služba Služba inteligentního přenosu na pozadí (BITS) neuspěla při
spuštění v důsledku následující chyby: %%2

Error - 25.7.2011 6:31:29 | Computer Name = HAD | Source = Service Control Manager | ID = 7000
Description = Služba Služba inteligentního přenosu na pozadí (BITS) neuspěla při
spuštění v důsledku následující chyby: %%2

Error - 25.7.2011 7:33:00 | Computer Name = HAD | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %2 při pokusu o spuštění služby BITS s
argumenty za účelem spuštění serveru: {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 25.7.2011 7:33:00 | Computer Name = HAD | Source = Service Control Manager | ID = 7000
Description = Služba Služba inteligentního přenosu na pozadí (BITS) neuspěla při
spuštění v důsledku následující chyby: %%2

Error - 25.7.2011 7:44:32 | Computer Name = HAD | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 25.7.2011 7:44:32 | Computer Name = HAD | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 25.7.2011 7:44:32 | Computer Name = HAD | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 25.7.2011 7:44:32 | Computer Name = HAD | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 15 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.


< End of report >

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Fb vir

#11 Post by vyosek »

:arrow: Run OTL again
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the bottom box, Custom Scans/Fixes (Vlastní skenování/opravy)
  • Code:

    :otl
    SRV - File not found [On_Demand | Stopped] -- -- (AVG Security Toolbar Service)
    SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
    SRV - File not found [Auto | Stopped] -- -- (aawserviceACDaemon)
    SRV - [2011.07.25 16:15:08 | 000,256,000 | ---- | M] () [Auto | Running] -- C:\windows\sysdriver32.exe -- (srvsysdriver32)
    SRV - [2011.07.24 16:00:26 | 000,340,992 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.5.0\svchost.exe -- (srvbtcclient)
    SRV - [2011.07.24 15:58:04 | 000,495,616 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.2\svchost.exe -- (srviecheck)
    SRV - [2011.07.24 15:35:10 | 001,174,016 | -H-- | M] () [Auto | Running] -- C:\WINDOWS\update.1\svchost.exe -- (wxpdrivers)
    SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
    DRV - File not found [Kernel | Unknown | Running] -- -- (avgtdix)
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll (ICQ)
    IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll (ICQ)
    IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - File not found
    IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll (ICQ)
    IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - File not found
    IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
    IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2776682
    IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll (ICQ)
    IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - File not found
    IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
    FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "BrotherSoft Extreme Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
    FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2776682&SearchSource=13"
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
    FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
    FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.3.3.2
    FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=2&q="
    FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.webhledani.cz/results.aspx?i=39&tp=ab&q="
    [2011.06.21 14:39:55 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    [2011.06.25 15:37:03 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
    [2011.06.25 15:37:05 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
    [2011.05.01 10:15:59 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\DTToolbar@toolbarnet.com
    [2011.03.23 19:26:16 | 000,000,941 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\conduit.xml
    [2011.02.04 23:21:44 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\daemon-search.xml
    [2011.07.23 19:35:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-1.xml
    [2009.09.12 12:23:45 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-10.xml
    [2009.10.07 16:11:44 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-11.xml
    [2009.11.01 21:35:13 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-12.xml
    [2009.12.17 08:29:20 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-13.xml
    [2009.12.29 12:52:26 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-14.xml
    [2010.01.24 15:26:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-15.xml
    [2010.03.23 18:51:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-16.xml
    [2010.04.03 19:08:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-17.xml
    [2010.06.10 15:11:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-18.xml
    [2010.06.29 19:21:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-19.xml
    [2009.03.12 08:47:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-2.xml
    [2010.07.22 11:00:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-20.xml
    [2006.11.07 15:25:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-21.xml
    [2010.09.09 07:34:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-22.xml
    [2010.09.17 15:14:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-23.xml
    [2010.10.21 21:14:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-24.xml
    [2010.10.26 18:29:43 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-25.xml
    [2010.11.07 15:29:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-26.xml
    [2010.12.15 22:09:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-27.xml
    [2011.03.06 13:23:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-28.xml
    [2011.03.10 21:17:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-29.xml
    [2009.03.28 14:12:03 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-3.xml
    [2011.04.30 12:16:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-30.xml
    [2011.04.30 12:27:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-31.xml
    [2011.05.12 14:16:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-32.xml
    [2011.06.24 12:31:22 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-33.xml
    [2009.04.24 12:24:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-4.xml
    [2009.04.29 07:03:49 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-5.xml
    [2009.06.12 20:19:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-6.xml
    [2009.07.22 11:58:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-7.xml
    [2009.07.23 12:23:04 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-8.xml
    [2009.08.06 09:02:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-9.xml
    [2011.06.20 10:45:18 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin.gif
    [2011.06.20 10:45:18 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin.src
    [2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin.xml
    [2009.10.28 23:01:46 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\sweetim.xml
    [2009.05.06 09:52:54 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\winamp-search.xml
    [2009.03.12 07:15:51 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    File not found (No name found) --
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JONAS\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\48OQF0SN.DEFAULT\EXTENSIONS\{51A86BB3-6602-4C85-92A5-130EE4864F13}
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JONAS\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\48OQF0SN.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JONAS\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\48OQF0SN.DEFAULT\EXTENSIONS\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JONAS\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\48OQF0SN.DEFAULT\EXTENSIONS\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
    O2 - BHO: (no name) - {3B62CA4B-3794-4A44-88D8-2AEE76E79727} - No CLSID value found.
    O2 - BHO: (AVG Safe Search) - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - File not found
    O2 - BHO: (no name) - {45D62B9F-37D5-4A13-8540-81ED1EE7BE46} - No CLSID value found.
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found
    O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
    O2 - BHO: (AVG Security Toolbar BHO) - {a3bc75a2-1f87-4686-aa43-5347d756017c} - File not found
    O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
    O2 - BHO: (SweetIM Toolbar Helper) - {eee6c35c-6118-11dc-9c72-001320c79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
    O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll (ICQ)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found
    O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - File not found
    O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
    O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll (ICQ)
    O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTo1.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - File not found
    O3 - HKU\S-1-5-21-1275210071-920026266-839522115-1004\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O4 - HKLM..\Run: [257215.exe] C:\WINDOWS\TEMP\257215.exe ()
    O4 - HKLM..\Run: [6084484.exe] C:\WINDOWS\TEMP\6084484.exe ()
    O4 - HKLM..\Run: [7153574.exe] C:\windows\TEMP\7153574.exe ()
    O4 - HKLM..\Run: [72516206-loader2.exe] C:\WINDOWS\TEMP\72516206-loader2.exe ()
    O4 - HKLM..\Run: [8375444.exe] C:\Documents and Settings\Jonas\Local Settings\Temp\8375444.exe ()
    O4 - HKLM..\Run: [avast] File not found
    O4 - HKLM..\Run: [AVG8_TRAY] File not found
    O4 - HKLM..\Run: [l1rezerv.exe] File not found
    O4 - HKLM..\Run: [sysdriver32.exe] C:\windows\sysdriver32.exe ()
    O4 - HKLM..\Run: [sysdriver32_.exe] C:\windows\sysdriver32_.exe ()
    O4 - HKLM..\Run: [systemup] C:\WINDOWS\systemup.exe ()
    O4 - HKLM..\Run: [tray_ico] File not found
    O4 - HKLM..\Run: [tray_ico0] C:\WINDOWS\update.tray-12-0\svchost.exe ()
    O4 - HKLM..\Run: [tray_ico1] C:\WINDOWS\update.tray-7-0\svchost.exe ()
    O4 - HKLM..\Run: [tray_ico2] File not found
    O4 - HKLM..\Run: [tray_ico3] File not found
    O4 - HKLM..\Run: [tray_ico4] File not found
    O4 - HKLM..\Run: [wxpdrv] C:\WINDOWS\services32.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
    O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - File not found
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - File not found
    O20 - Winlogon\Notify\crypt: DllName - crypts.dll - File not found
    O20 - Winlogon\Notify\cryptnet32: DllName - cryptnet32.dll - File not found
    O20 - Winlogon\Notify\urqpnljj: DllName - urqpnljj.dll - File not found
    O20 - Winlogon\Notify\windmv32: DllName - windmv32.dll - File not found
    O33 - MountPoints2\{846a4945-f4e1-11df-8ac2-001921a736a8}\Shell - "" = AutoRun
    [2011.07.24 16:17:57 | 000,000,000 | -H-D | C] -- C:\windows\update.tray-7-0-lnk
    [2011.07.24 16:17:57 | 000,000,000 | -H-D | C] -- C:\windows\update.tray-7-0
    [2011.07.24 16:04:13 | 000,000,000 | ---D | C] -- C:\windows\rpcminer
    [2011.07.24 16:04:13 | 000,000,000 | ---D | C] -- C:\windows\phoenix
    [2011.07.24 16:00:27 | 000,000,000 | -H-D | C] -- C:\windows\update.5.0
    [2011.07.24 15:58:05 | 000,000,000 | -H-D | C] -- C:\windows\update.2
    [2011.07.24 15:51:47 | 000,000,000 | ---D | C] -- C:\windows\av_ico
    [2011.07.24 15:50:13 | 000,000,000 | -H-D | C] -- C:\windows\update.1
    [2011.07.24 15:49:09 | 000,000,000 | -H-D | C] -- C:\windows\update.tray-12-0-lnk
    [2011.07.24 15:49:09 | 000,000,000 | -H-D | C] -- C:\windows\update.tray-12-0
    [4 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
    [4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
    [2011.07.25 16:15:20 | 000,000,179 | ---- | M] () -- C:\windows\info1
    [2011.07.25 16:15:08 | 000,256,000 | ---- | M] () -- C:\windows\sysdriver32_.exe
    [2011.07.25 16:15:08 | 000,256,000 | ---- | M] () -- C:\windows\sysdriver32.exe
    [2011.07.25 13:33:00 | 000,000,936 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011.07.25 12:33:23 | 005,589,370 | ---- | M] () -- C:\windows\phoenix.rar
    [2011.07.25 12:33:23 | 000,246,272 | ---- | M] () -- C:\windows\unrar.exe
    [2011.07.25 12:33:22 | 001,075,284 | ---- | M] () -- C:\windows\rpcminer.rar
    [2011.07.24 16:02:25 | 000,114,176 | ---- | M] () -- C:\windows\systemup.exe
    [2011.07.24 15:56:35 | 000,904,792 | ---- | M] () -- C:\windows\geoiplist.rar
    [2011.07.24 15:54:22 | 000,000,000 | ---- | M] () -- C:\windows\loader2.exe_ok
    [2011.07.24 15:35:10 | 001,174,016 | ---- | M] () -- C:\windows\services32.exe
    [2008.07.02 19:24:24 | 001,611,957 | -HS- | C] () -- C:\windows\System32\vuqbumcn.ini
    [2008.07.01 18:36:10 | 001,605,366 | -HS- | C] () -- C:\windows\System32\oqyoynnq.ini
    [2008.06.30 15:39:05 | 001,298,882 | -HS- | C] () -- C:\windows\System32\lgsauxmi.ini
    [2008.06.29 12:11:17 | 001,322,139 | -HS- | C] () -- C:\windows\System32\nkfuvnag.ini
    [2008.06.28 12:13:00 | 001,414,949 | -HS- | C] () -- C:\windows\System32\wajnhiyi.ini
    [2008.06.27 08:59:24 | 001,528,032 | -HS- | C] () -- C:\windows\System32\wivvhmvc.ini
    [2008.06.26 06:43:02 | 001,705,138 | -HS- | C] () -- C:\windows\System32\uijsiahk.ini
    [2008.06.24 18:40:03 | 001,699,479 | -HS- | C] () -- C:\windows\System32\iycatrtf.ini
    [2008.06.23 18:40:33 | 001,699,508 | -HS- | C] () -- C:\windows\System32\aabtixsk.ini
    [2008.06.22 18:37:57 | 001,748,328 | -HS- | C] () -- C:\windows\System32\swwmraht.ini
    [2008.06.21 18:37:10 | 001,607,314 | -HS- | C] () -- C:\windows\System32\vrjdnadq.ini
    [2008.06.20 16:24:56 | 001,600,705 | -HS- | C] () -- C:\windows\System32\vjfbaoac.ini
    [2008.06.19 16:23:08 | 001,600,765 | -HS- | C] () -- C:\windows\System32\jyuwexck.ini
    [2008.06.17 11:20:36 | 000,096,047 | -HS- | C] () -- C:\windows\System32\HRqYcJlm.ini2
    [2008.06.17 11:20:35 | 000,096,047 | -HS- | C] () -- C:\windows\System32\HRqYcJlm.ini
    [2011.07.15 20:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
    [2009.10.28 23:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
    [2008.05.12 19:56:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jonas\Data aplikací\ICQ Toolbar
    [4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
    [6 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [1 C:\windows\SoftwareDistribution\Download\2276f493c4f60476e857aafedebb5513\*.tmp files -> C:\windows\SoftwareDistribution\Download\2276f493c4f60476e857aafedebb5513\*.tmp -> ]
    [4 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
    [1 C:\windows\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\windows\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
    [1 C:\windows\twain_32\*.tmp files -> C:\windows\twain_32\*.tmp -> ]
    @Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Jonas\Plocha\14.rar:SummaryInformation
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8
    
    :reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Documents and Settings\Jonas\Dokumenty\Downloads\Flash-Player.exe"=-
    "C:\WINDOWS\update.1\svchost.exe"=-
    "C:\WINDOWS\services32.exe"=-
    "C:\WINDOWS\update.tray-12-0\svchost.exe"=-
    "C:\WINDOWS\update.2\svchost.exe"=-
    "C:\WINDOWS\update.tray-7-0-lnk\svchost.exe"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "HP Software Update"=-
    "WinampAgent"=-
    "QuickTime Task"=-
    "iTunesHelper"=-
    "TkBellExe"=-
    "SunJavaUpdateSched"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"=-
    "Steam"=-
    "DAEMON Tools Lite"=-
    "Skype"=-
    "swg"=-
    "ICQ"=-
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
    "ImagePath"=hex(2):"%systemroot%\system32\svchost.exe -k netsvcs"
    "Type"=dword:00000020
    "Start"=dword:00000002
    "ErrorControl"=dword:00000001
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv]
    "ImagePath"=hex(2):"%systemroot%\system32\svchost.exe -k netsvcs"
    "Type"=dword:00000020
    "Start"=dword:00000002
    "ErrorControl"=dword:00000001
    
    :services
    JavaQuickStarterService
    gupdate1ca7b204bb05e20
    gupdate
    gusvc
     
    :files
    C:\Documents and Settings\Jonas\Dokumenty\Downloads\Flash-Player.exe
    C:\WINDOWS\update.tray-7-0-lnk
    C:\Program Files\DAEMON Tools Toolbar
    C:\Program Files\SweetIM
    C:\Program Files\uTorrentBar
    C:\WINDOWS\update.5.0
    C:\WINDOWS\update.2.0
    C:\WINDOWS\update.tray-7-0
    C:\WINDOWS\update.tray-12-0
    C:\WINDOWS\update.1
    C:\Program Files\ICQ6Toolbar
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Then click Opravit (Run Fix)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here

AngusCZ
Visitor
Posts: 38
Registered: 25 Jul 2011 12:09

Re: Fb virus

#12 Post by AngusCZ »

I don't have Vista or 7. It did the scan and restarted, but there was no log anywhere and OTL wasn't there anymore either, and ufa.exe was running at full load again.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Fb virus

#13 Post by vyosek »

Boot into Safe Mode (restart the PC, keep pressing F8, choose Safe Mode with Networking) and repeat the step - it is enough to run OTL normally

AngusCZ
Visitor
Posts: 38
Registered: 25 Jul 2011 12:09

Re: Fb virus

#14 Post by AngusCZ »

Unfortunately, Safe Mode switches back to normal mode after a moment.
I choose Safe Mode with Networking, Administrator, and as soon as it loads it shuts down and goes back to normal mode.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Fb virus

#15 Post by vyosek »

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download it and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC
:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)
  • Run the update - third tab
  • Run a full scan - do not delete anything :!:
  • MBAM sometimes produces false detections, so paste the log into a post and wait for it to be assessed