Ahoj, taky prosím o pomoc. Počítač funguje vcelku normálně, nejde antivir a nenačte se stránka facebooku. Prosím co s tím? Děkuju Michal Šmíd
Logfile of random's system information tool 1.09 (written by random/random)
Run by Michal at 2011-07-27 18:02:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (13%) free of 38 GB
Total RAM: 255 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:05:34, on 27.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17098)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\sysdriver32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\update.1\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\ufa\ufa.exe
C:\Documents and Settings\Host\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.autocompletepro.com/?si=10184&bi=400
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.autocompletepro.com/?si=10184&bi=400
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.autocompletepro.com/?si=10184&bi=400
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autocompletepro.com/?si=10184&bi=400
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=desktop&s ... Terms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192168110113
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ViOrb] C:\Program Files\extras\ViOrb\ViOrb.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TO2WCM_McciTrayApp] C:\Program Files\TO2WCM\McciTrayApp.exe
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [wxpdrv] C:\WINDOWS\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\WINDOWS\update.tray-7-0\svchost.exe
O4 - HKLM\..\Run: [3544215.exe] "C:\WINDOWS\TEMP\3544215.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\WINDOWS\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\WINDOWS\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [2984306.exe] "C:\WINDOWS\TEMP\2984306.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\WINDOWS\l1rezerv.exe"
O4 - HKLM\..\Run: [94138163-loader2.exe] "C:\WINDOWS\TEMP\94138163-loader2.exe"
O4 - HKLM\..\Run: [8283738.exe] "C:\DOCUME~1\Michal\LOCALS~1\Temp\8283738.exe"
O4 - HKLM\..\Run: [1848189.exe] "C:\WINDOWS\TEMP\1848189.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ICQ] "D:\ICQ\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1275210071-838170752-1606980848-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Host')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - S-1-5-21-1275210071-838170752-1606980848-1006 Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Host')
O4 - S-1-5-21-1275210071-838170752-1606980848-1006 User Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Host')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\ICQ\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\ICQ\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{66040A26-2D5D-4FF6-B95D-D2756A6A11D6}: Domain = 821002965
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = 821002965
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = 821002965
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = 821002965
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = 821002965
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: srvbtcclient - Unknown owner - C:\WINDOWS\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\WINDOWS\sysdriver32.exe
O23 - Service: wxpdrivers - Unknown owner - C:\WINDOWS\update.1\svchost.exe
--
End of file - 11517 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\uxvtkhnt.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "support@predictad.com:1.11, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.12, smartwebprinting@hp.com:4.5, {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, DTToolbar@toolbarnet.com:1.1.4.0024, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://start.facemoods.com/results.php?f=5&a=desktop&q="
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsJSRealPlayerPlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat
C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
npnul32.dll
NPOFF12.DLL
nppl3260.dll
nprpjplug.dll
C:\Program Files\Mozilla Firefox\searchplugins\
acpro.xml
fcmdSrchdesktop.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\uxvtkhnt.default\extensions\
DTToolbar@toolbarnet.com
support@predictad.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\uxvtkhnt.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
AC-Pro - C:\Program Files\AutocompletePro\AutocompletePro.dll [2010-11-11 97760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-01-10 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-10 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-01-10 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AlwaysReady Power Message APP"=C:\WINDOWS\ARPWRMSG.EXE [2008-12-26 77312]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"ViOrb"=C:\Program Files\extras\ViOrb\ViOrb.exe [2008-12-07 69632]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2011-01-10 136600]
"TO2WCM_McciTrayApp"=C:\Program Files\TO2WCM\McciTrayApp.exe [2008-01-30 1473536]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"wxpdrv"=C:\WINDOWS\services32.exe []
"tray_ico"= []
"tray_ico0"=C:\WINDOWS\update.tray-7-0\svchost.exe [2011-07-25 1185280]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"3544215.exe"=C:\WINDOWS\TEMP\3544215.exe [2011-07-26 256000]
"sysdriver32.exe"=C:\WINDOWS\sysdriver32.exe [2011-07-26 256000]
"sysdriver32_.exe"=C:\WINDOWS\sysdriver32_.exe [2011-07-26 256000]
"2984306.exe"=C:\WINDOWS\TEMP\2984306.exe [2011-07-26 256000]
"l1rezerv.exe"=C:\WINDOWS\l1rezerv.exe [2011-07-26 232960]
"94138163-loader2.exe"=C:\WINDOWS\TEMP\94138163-loader2.exe [2011-07-26 256000]
"8283738.exe"=C:\DOCUME~1\Michal\LOCALS~1\Temp\8283738.exe [2011-07-26 256000]
"1848189.exe"=C:\WINDOWS\TEMP\1848189.exe [2011-07-27 502272]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-04-11 1276416]
"Google Update"=C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-01-11 136176]
"ICQ"=D:\ICQ\ICQ7.2\ICQ.exe [2011-01-05 133432]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice []
C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-14 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme
"EnableLUA"=0
"EnableSecureUIAPaths"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"D:\ICQ\ICQ7.2\ICQ.exe"="D:\ICQ\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"D:\ICQ\ICQ7.2\aolload.exe"="D:\ICQ\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Documents and Settings\Michal\Plocha\Programy\aTube Catcher 2.0\yct.exe"="C:\Documents and Settings\Michal\Plocha\Programy\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"E:\RCTYCOON (D)\DUTCH\RCT.EXE"="E:\RCTYCOON (D)\DUTCH\RCT.EXE:*:Disabled:RCT"
"D:\RCT1\rct.exe"="D:\RCT1\rct.exe:*:Disabled:rct"
"C:\Documents and Settings\Host\Plocha\Stronghold Crusader\Stronghold Crusader\Stronghold Crusader.exe"="C:\Documents and Settings\Host\Plocha\Stronghold Crusader\Stronghold Crusader\Stronghold Crusader.exe:*:Disabled:Stronghold Crusader"
"C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe"="C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"C:\WINDOWS\update.2\svchost.exe"="C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe"
"C:\WINDOWS\update.tray-7-0\svchost.exe"="C:\WINDOWS\update.tray-7-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0\svchost.exe"
"C:\WINDOWS\update.tray-7-0-lnk\svchost.exe"="C:\WINDOWS\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0-lnk\svchost.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"D:\ICQ\ICQ7.2\ICQ.exe"="D:\ICQ\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"D:\ICQ\ICQ7.2\aolload.exe"="D:\ICQ\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
======List of files/folders created in the last 1 month======
2011-07-27 18:02:53 ----D---- C:\Program Files\trend micro
2011-07-27 18:02:45 ----D---- C:\rsit
2011-07-26 19:30:05 ----ASH---- C:\hiberfil.sys
2011-07-26 17:53:50 ----D---- C:\WINDOWS\av_ico
2011-07-26 13:14:47 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-07-26 13:13:33 ----A---- C:\WINDOWS\l1rezerv.exe
2011-07-26 13:11:50 ----D---- C:\WINDOWS\ufa
2011-07-26 13:11:50 ----D---- C:\WINDOWS\phoenix
2011-07-26 13:11:49 ----D---- C:\WINDOWS\rpcminer
2011-07-26 13:11:19 ----HD---- C:\WINDOWS\update.2
2011-07-26 13:08:18 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-07-26 13:07:28 ----A---- C:\WINDOWS\unrar.exe
2011-07-26 13:07:25 ----HD---- C:\WINDOWS\update.5.0
2011-07-26 13:05:46 ----A---- C:\WINDOWS\iplist.txt
2011-07-26 13:04:40 ----A---- C:\WINDOWS\sysdriver32_.exe
2011-07-26 13:04:04 ----A---- C:\WINDOWS\sysdriver32.exe
2011-07-26 13:03:43 ----A---- C:\WINDOWS\front_ip_list.txt
2011-07-25 21:53:01 ----HD---- C:\WINDOWS\update.1
2011-07-25 21:52:40 ----HD---- C:\WINDOWS\update.tray-7-0-lnk
2011-07-25 21:52:40 ----HD---- C:\WINDOWS\update.tray-7-0
2011-07-25 21:38:36 ----A---- C:\WINDOWS\winlog-ids.txt
2011-07-25 21:38:36 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-07-14 07:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-14 07:11:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-03 11:37:11 ----D---- C:\s_tour_3
2011-06-30 07:21:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
======List of files/folders modified in the last 1 month======
2011-07-27 18:02:53 ----RD---- C:\Program Files
2011-07-27 16:56:19 ----D---- C:\WINDOWS
2011-07-27 16:54:55 ----D---- C:\WINDOWS\Temp
2011-07-27 16:54:35 ----D---- C:\WINDOWS\Registration
2011-07-26 23:44:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-26 19:28:55 ----A---- C:\boot.ini
2011-07-26 19:18:02 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-26 19:16:35 ----D---- C:\WINDOWS\system32\drivers
2011-07-26 19:13:31 ----SHD---- C:\WINDOWS\Installer
2011-07-26 19:13:31 ----HD---- C:\Config.Msi
2011-07-26 19:13:24 ----D---- C:\WINDOWS\WinSxS
2011-07-26 19:12:16 ----D---- C:\WINDOWS\system32
2011-07-26 19:02:30 ----D---- C:\Documents and Settings\Michal\Data aplikací\HPAppData
2011-07-26 19:01:36 ----D---- C:\Documents and Settings\Michal\Data aplikací\ICQ
2011-07-26 18:55:46 ----A---- C:\WINDOWS\ntbtlog.txt
2011-07-26 17:31:10 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DAEMON Tools Lite
2011-07-26 13:17:14 ----SHD---- C:\System Volume Information
2011-07-26 13:17:14 ----D---- C:\WINDOWS\system32\Restore
2011-07-15 13:10:21 ----D---- C:\Documents and Settings\Michal\Data aplikací\AIMP
2011-07-15 13:09:03 ----D---- C:\Program Files\Mozilla Firefox
2011-07-15 12:55:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-14 07:40:51 ----HD---- C:\WINDOWS\inf
2011-07-14 07:34:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-14 07:29:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft Help
2011-07-14 07:13:33 ----A---- C:\WINDOWS\imsins.BAK
2011-07-13 08:13:28 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-11 11:31:56 ----D---- C:\WINDOWS\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-05-12 20576]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-12-14 77568]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-12-26 41600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-03-02 218688]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 AR9271;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw.sys [2010-01-05 1714176]
R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2008-12-26 22784]
R3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2008-12-26 19200]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2008-12-26 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2008-12-26 4992]
R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2008-12-26 10112]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2008-12-26 17664]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-12-14 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ARSVC;ARSVC; C:\WINDOWS\arservice.exe [2008-12-26 58880]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2008-12-22 238592]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2008-12-22 103424]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-01-10 152984]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 srvbtcclient;srvbtcclient; C:\WINDOWS\update.5.0\svchost.exe [2011-07-26 348672]
R2 srviecheck;srviecheck; C:\WINDOWS\update.2\svchost.exe [2011-07-27 502272]
R2 srvsysdriver32;srvsysdriver32; C:\WINDOWS\sysdriver32.exe [2011-07-26 256000]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 wxpdrivers;wxpdrivers; C:\WINDOWS\update.1\svchost.exe [2011-07-25 1185280]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-03 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
FB vir
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: FB vir
Zdravím 
Stáhněte OTL http://oldtimer.geekstogo.com/OTL.scr na plochu
Stáhněte OTL http://oldtimer.geekstogo.com/OTL.scr na plochu
- Spusťte, poté do spodního políčka vložte následující skript.
Kód: Vybrat vše
netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5 - Označte položku Pro všechny uživatele.
- Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Re: FB vir
Děkuju že jste se mě ujal, jdu na to, doufám že se to podaří
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: FB vir
OTL logfile created on: 27.7.2011 19:42:16 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Host\Plocha
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
255,48 Mb Total Physical Memory | 33,05 Mb Available Physical Memory | 12,94% Memory free
618,07 Mb Paging File | 180,43 Mb Available in Paging File | 29,19% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 4,66 Gb Free Space | 12,50% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 33,57 Gb Free Space | 90,08% Space Free | Partition Type: NTFS
Computer Name: SMIDOVI | User Name: Host | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.07.27 19:39:43 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Host\Plocha\OTL.scr
PRC - [2011.07.26 13:12:13 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
PRC - [2011.07.25 21:31:27 | 001,185,280 | -H-- | M] () -- C:\WINDOWS\update.tray-7-0\svchost.exe
PRC - [2011.07.15 13:03:37 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008.12.19 14:43:58 | 001,486,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.12.07 18:35:43 | 000,069,632 | ---- | M] (Lee-Soft.com) -- C:\Program Files\Extras\ViOrb\ViOrb.exe
PRC - [2008.08.15 18:33:08 | 001,026,088 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\TO2SSM\McciBrowser.exe
PRC - [2008.01.30 15:11:10 | 001,473,536 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\TO2WCM\McciTrayApp.exe
PRC - [2006.11.17 03:12:52 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
========== Modules (SafeList) ==========
MOD - [2011.07.27 19:39:43 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Host\Plocha\OTL.scr
MOD - [2010.08.23 18:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
========== Driver Services (SafeList) ==========
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=desktop&s ... Terms}&f=4
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1275210071-838170752-1606980848-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
IE - HKU\S-1-5-21-1275210071-838170752-1606980848-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.12 14:21:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.15 13:51:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.15 13:05:25 | 000,000,000 | ---D | M]
[2011.01.12 12:00:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Host\Data aplikací\Mozilla\Extensions
[2011.07.27 18:00:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Host\Data aplikací\Mozilla\Firefox\Profiles\7846t8h6.default\extensions
[2011.02.14 15:58:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Host\Data aplikací\Mozilla\Firefox\Profiles\7846t8h6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.04 20:47:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\HOST\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\7846T8H6.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2011.01.12 14:21:36 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2011.01.10 22:14:15 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.01.20 14:38:16 | 000,003,189 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\acpro.xml
[2010.11.29 12:25:56 | 000,002,039 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchdesktop.xml
[2011.04.18 19:50:26 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.04.18 19:50:26 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.04.18 19:50:26 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.04.18 19:50:26 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.04.18 19:50:27 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.07.27 16:56:44 | 000,203,160 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 vkontakte.ru
O1 - Hosts: 127.0.0.1 www.vkontakte.ru
O1 - Hosts: 127.0.0.1 login.vk.com
O1 - Hosts: 127.0.0.1 vk.com
O1 - Hosts: 127.0.0.1 www.vk.com
O1 - Hosts: 127.0.0.1 odnoklassniki.ru
O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 50060 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1275210071-838170752-1606980848-1006\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [1848189.exe] C:\WINDOWS\TEMP\1848189.exe ()
O4 - HKLM..\Run: [2984306.exe] C:\WINDOWS\TEMP\2984306.exe ()
O4 - HKLM..\Run: [3544215.exe] C:\WINDOWS\TEMP\3544215.exe ()
O4 - HKLM..\Run: [8283738.exe] File not found
O4 - HKLM..\Run: [94138163-loader2.exe] C:\WINDOWS\TEMP\94138163-loader2.exe ()
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [avast] File not found
O4 - HKLM..\Run: [l1rezerv.exe] C:\WINDOWS\l1rezerv.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [sysdriver32.exe] C:\WINDOWS\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\WINDOWS\sysdriver32_.exe ()
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [TO2WCM_McciTrayApp] C:\Program Files\TO2WCM\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\WINDOWS\update.tray-7-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [ViOrb] C:\Program Files\Extras\ViOrb\ViOrb.exe (Lee-Soft.com)
O4 - HKLM..\Run: [wxpdrv] File not found
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles (Guliwer Company)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-838170752-1606980848-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\ICQ\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\ICQ\ICQ7.2\ICQ.exe (ICQ, LLC.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Host\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Host\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.10 21:17:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Unable to save MBR. Invalid drive designation: 0
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\Host\Plocha\» Nadržená máma spáchá incest se synem
[2011.07.27 19:39:32 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Host\Plocha\OTL.scr
[2011.07.27 18:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.07.27 18:02:45 | 000,000,000 | ---D | C] -- C:\rsit
[2011.07.26 17:53:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
[2011.07.26 13:11:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
[2011.07.26 13:11:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix
[2011.07.26 13:11:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\rpcminer
[2011.07.26 13:11:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2
[2011.07.26 13:07:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0
[2011.07.25 21:53:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1
[2011.07.25 21:52:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0-lnk
[2011.07.25 21:52:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0
[2011.07.19 15:03:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Host\Plocha\rykot 2011
[2011.07.18 13:22:24 | 002,727,936 | ---- | C] ( ) -- C:\Documents and Settings\Host\Plocha\Stronghold Crusader.exe
[2011.07.03 11:37:11 | 000,000,000 | ---D | C] -- C:\s_tour_3
[2011.06.29 19:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Host\Plocha\Moje mládí
[2011.06.29 19:50:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Host\Dokumenty\Nová složka
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\Host\Plocha\» Nadržená máma spáchá incest se synem
[2011.07.27 19:39:43 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Host\Plocha\OTL.scr
[2011.07.27 19:13:00 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005UA.job
[2011.07.27 19:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.07.27 16:54:58 | 000,000,157 | ---- | M] () -- C:\WINDOWS\info1
[2011.07.27 16:52:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.07.27 16:52:35 | 267,964,416 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.26 20:13:01 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005Core.job
[2011.07.26 19:33:08 | 000,001,720 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\avast! Free Antivirus.lnk
[2011.07.26 19:32:28 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.07.26 19:28:55 | 000,000,215 | ---- | M] () -- C:\boot.ini
[2011.07.26 19:18:31 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.07.26 17:55:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok
[2011.07.26 13:27:12 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar
[2011.07.26 13:27:12 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe
[2011.07.26 13:27:12 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar
[2011.07.26 13:27:10 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar
[2011.07.26 13:12:13 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
[2011.07.26 13:07:27 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar
[2011.07.26 13:03:43 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32_.exe
[2011.07.26 13:03:43 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
[2011.07.25 16:46:54 | 000,122,368 | ---- | M] () -- C:\Documents and Settings\Host\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.22 10:23:21 | 001,246,987 | ---- | M] () -- C:\Documents and Settings\Host\Plocha\má třída.jpg
[2011.07.20 20:01:36 | 000,046,152 | ---- | M] () -- C:\Documents and Settings\Host\Plocha\tampelband.htm
[2011.07.19 12:23:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.07.18 11:34:41 | 500,555,988 | ---- | M] () -- C:\Documents and Settings\Host\Plocha\stronghold-crusader.rar
[2011.07.17 03:24:20 | 004,636,907 | ---- | M] () -- C:\WINDOWS\geoiplist
[2011.07.15 12:56:00 | 000,441,696 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.07.15 12:56:00 | 000,438,268 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.07.15 12:56:00 | 000,082,988 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.07.15 12:56:00 | 000,071,632 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.07.14 07:43:50 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.07.14 07:13:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.06.29 19:36:40 | 000,001,545 | ---- | M] () -- C:\Documents and Settings\Host\.recently-used.xbel
[2011.06.29 12:26:25 | 000,066,554 | ---- | M] () -- C:\Documents and Settings\Host\Plocha\Seven- Ruleta.zip
[2011.06.29 12:22:07 | 000,052,317 | ---- | M] () -- C:\Documents and Settings\Host\Plocha\obal CD Ruleta.jpg
[2011.06.29 12:20:44 | 000,041,986 | ---- | M] () -- C:\Documents and Settings\Host\Plocha\seven.jpg
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.07.26 19:30:05 | 267,964,416 | -HS- | C] () -- C:\hiberfil.sys
[2011.07.26 17:55:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok
[2011.07.26 13:13:33 | 000,232,960 | ---- | C] () -- C:\WINDOWS\l1rezerv.exe
[2011.07.26 13:11:47 | 000,182,617 | ---- | C] () -- C:\WINDOWS\ufa.rar
[2011.07.26 13:11:41 | 005,589,370 | ---- | C] () -- C:\WINDOWS\phoenix.rar
[2011.07.26 13:11:21 | 001,075,284 | ---- | C] () -- C:\WINDOWS\rpcminer.rar
[2011.07.26 13:07:30 | 004,636,907 | ---- | C] () -- C:\WINDOWS\geoiplist
[2011.07.26 13:07:28 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
[2011.07.26 13:07:26 | 000,904,792 | ---- | C] () -- C:\WINDOWS\geoiplist.rar
[2011.07.26 13:07:23 | 000,000,157 | ---- | C] () -- C:\WINDOWS\info1
[2011.07.26 13:04:40 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32_.exe
[2011.07.26 13:04:04 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32.exe
[2011.07.22 10:20:34 | 001,246,987 | ---- | C] () -- C:\Documents and Settings\Host\Plocha\má třída.jpg
[2011.07.20 20:01:32 | 000,046,152 | ---- | C] () -- C:\Documents and Settings\Host\Plocha\tampelband.htm
[2011.07.18 11:06:29 | 500,555,988 | ---- | C] () -- C:\Documents and Settings\Host\Plocha\stronghold-crusader.rar
[2011.06.29 19:36:40 | 000,001,545 | ---- | C] () -- C:\Documents and Settings\Host\.recently-used.xbel
[2011.06.29 12:26:25 | 000,066,554 | ---- | C] () -- C:\Documents and Settings\Host\Plocha\Seven- Ruleta.zip
[2011.06.29 12:22:06 | 000,052,317 | ---- | C] () -- C:\Documents and Settings\Host\Plocha\obal CD Ruleta.jpg
[2011.06.29 12:20:25 | 000,041,986 | ---- | C] () -- C:\Documents and Settings\Host\Plocha\seven.jpg
[2011.06.16 18:35:02 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\Host\Local Settings\Data aplikací\fusioncache.dat
[2011.03.08 19:09:41 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.03.02 17:52:40 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe
[2011.02.03 13:36:06 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\MSSTDFMT.DLL
[2011.01.18 14:32:27 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.01.13 14:44:43 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.01.12 17:21:46 | 000,122,368 | ---- | C] () -- C:\Documents and Settings\Host\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.12 14:06:34 | 000,175,170 | ---- | C] () -- C:\WINDOWS\hpoins44.dat
[2011.01.12 14:06:34 | 000,000,586 | ---- | C] () -- C:\WINDOWS\hpomdl44.dat
[2011.01.10 23:33:10 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.01.10 23:32:23 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011.01.10 23:32:00 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2011.01.10 22:49:08 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011.01.10 22:42:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.01.10 21:45:02 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.01.10 21:44:26 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011.01.10 21:44:25 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011.01.10 21:44:23 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.01.10 21:44:22 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2011.01.10 21:44:22 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.01.10 21:44:21 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.01.10 21:34:36 | 000,282,928 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.10 21:33:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.01.10 21:05:16 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.12.26 22:17:22 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2008.12.22 13:23:55 | 000,000,177 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008.04.14 09:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006.12.31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.10.22 09:52:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.10.22 09:52:00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006.10.22 09:52:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.10.22 09:52:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006.10.22 09:52:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.10.22 09:52:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.10.22 09:52:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.10.22 09:52:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006.10.22 09:52:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006.10.22 09:52:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.10.22 09:52:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.10.10 00:12:14 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2001.10.25 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 15:00:00 | 000,441,696 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,438,268 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 15:00:00 | 000,082,988 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,071,632 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2011.07.26 17:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DAEMON Tools Lite
[2011.01.10 22:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ESET
[2011.01.13 14:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ
[2011.05.08 20:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PC Drivers HeadQuarters
[2011.01.20 14:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
[2011.01.10 22:56:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{59F1B7A2-B922-49F5-A441-6BCA174035E7}
[2011.03.02 20:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\DAEMON Tools Lite
[2011.01.12 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\ESET
[2011.01.20 16:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\facemoods.com
[2011.06.29 19:36:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\gtk-2.0
[2011.04.04 19:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\ICQ
[2011.04.02 19:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\inkscape
[2011.07.27 19:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.12.19 14:23:26 | 000,040,960 | ---- | M] (Microsoft Corporation)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2008.04.11 09:16:12 | 001,276,416 | ---- | M] (Microsoft Corporation)
< >
< MD5 for: AGP440.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
< MD5 for: CDROM.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.05.02 12:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\Driver Cache\i386\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2008.04.14 08:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.12.19 14:43:58 | 001,486,336 | ---- | M] (Microsoft Corporation) MD5=D39127310CBAD1485EC5001A4ED1D853 -- C:\WINDOWS\explorer.exe
< MD5 for: FASTFAT.SYS >
[2008.04.14 00:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys
< MD5 for: HAL.DLL >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
< MD5 for: ISAPNP.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 04:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys
< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.12.14 16:44:25 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.12.14 16:43:33 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NTFS.SYS >
[2008.04.14 00:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
< MD5 for: SMSS.EXE >
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2011.07.27 16:54:56 | 000,502,272 | ---- | M] () MD5=38D7AB4B1D19053B410F17D55F03CC18 -- C:\WINDOWS\update.2\svchost.exe
[2011.07.26 13:07:21 | 000,348,672 | ---- | M] () MD5=6EECAB7626BABA17DB082754B5E8C5CE -- C:\WINDOWS\update.5.0\svchost.exe
[2011.07.25 21:31:27 | 001,185,280 | -H-- | M] () MD5=7A3BC4D258CBE30DFB0649EE863FAE25 -- C:\WINDOWS\update.1\svchost.exe
[2011.07.25 21:31:27 | 001,185,280 | -H-- | M] () MD5=7A3BC4D258CBE30DFB0649EE863FAE25 -- C:\WINDOWS\update.tray-7-0\svchost.exe
[2011.07.25 21:31:27 | 001,185,280 | -H-- | M] () MD5=7A3BC4D258CBE30DFB0649EE863FAE25 -- C:\WINDOWS\update.tray-7-0-lnk\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.12.14 16:44:16 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\system32\drivers\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.12.19 14:29:10 | 000,557,056 | ---- | M] (Microsoft Corporation) MD5=12A799AD9415AE9C8ABCC5F75E9CF034 -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2009.04.16 11:38:20 | 000,312,832 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpfpp70v.dll
[2006.10.26 17:26:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
< %systemroot%\system32\drivers\*.sys /5 >
< %systemroot%\system32\drivers\*.sys /X >
[2001.10.25 15:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001.10.25 15:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\*.* /5 >
[2011.07.26 19:18:31 | 000,002,552 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2011.07.26 19:32:28 | 000,088,566 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /lockedfiles >
[2000.07.14 22:30:00 | 000,118,784 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\MSSTDFMT.DLL
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\config\*.sav >
[2011.01.10 21:34:01 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2011.01.10 21:34:01 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2011.01.10 21:34:01 | 000,462,848 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\Tasks\*.job /lockedfiles >
[2011.07.26 20:13:01 | 000,000,978 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005Core.job
[2011.07.27 19:13:00 | 000,001,030 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005UA.job
[2011.07.27 19:01:00 | 000,000,234 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
< %systemroot%\*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[28 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[35 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[13 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
< %systemroot%\*. /mp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2011.01.10 21:42:36 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\desktop.ini
[2011.01.12 14:52:25 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\hpzinstall.log
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.01.02 13:28:49 | 002,846,280 | ---- | M] (SmartTweak Software ) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\{59F1B7A2-B922-49F5-A441-6BCA174035E7}\UpdateMyDrivers.exe
[2010.11.10 20:58:38 | 004,162,064 | ---- | M] (Big Fish Games) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\BigFishGamesCache\Upgrade\clientinstaller\bfgsetup_s1_l1.exe
[2010.11.10 20:58:44 | 000,143,408 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\BigFishGamesCache\Upgrade\stub\kudos-rock-legend_s1_l1_gF2155T1L1_d1179309622.exe
[2011.01.18 14:12:43 | 004,219,128 | ---- | M] (Big Fish Games) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\BigFishGamesCache\Upgrade\Unpack\bfgsetup_s1_l1.exe
< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >
< %APPDATA%\*. >
[2011.01.15 16:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Adobe
[2011.02.19 18:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Ahead
[2011.03.02 20:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\DAEMON Tools Lite
[2011.01.12 17:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\DivX
[2011.01.12 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\ESET
[2011.01.20 16:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\facemoods.com
[2011.06.29 19:36:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\gtk-2.0
[2011.03.18 18:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\HP
[2011.07.27 17:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\HPAppData
[2011.04.04 19:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\ICQ
[2011.01.12 11:44:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Identities
[2011.04.02 19:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\inkscape
[2011.01.12 11:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Macromedia
[2011.02.21 20:24:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Media Player Classic
[2011.06.16 18:35:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Host\Data aplikací\Microsoft
[2011.06.11 07:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Motive
[2011.01.12 12:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Mozilla
[2011.01.19 11:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Real
[2011.04.20 12:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Sun
[2011.01.12 16:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\WinRAR
< %APPDATA%\*.* >
[2011.01.10 21:42:36 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Host\Data aplikací\desktop.ini
[2011.03.30 21:20:15 | 000,000,172 | ---- | M] () -- C:\Documents and Settings\Host\Data aplikací\ex_log.txt
< %APPDATA%\*.exe /s >
[2011.01.12 11:53:24 | 002,827,728 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Host\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
< %SYSTEMDRIVE%\*.exe >
< >
< >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-27 05:23:58
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
========== Alternate Data Streams ==========
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:0664ADFC
< End of report >
OTL Extras logfile created on: 27.7.2011 19:42:16 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Host\Plocha
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
255,48 Mb Total Physical Memory | 33,05 Mb Available Physical Memory | 12,94% Memory free
618,07 Mb Paging File | 180,43 Mb Available in Paging File | 29,19% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 4,66 Gb Free Space | 12,50% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 33,57 Gb Free Space | 90,08% Space Free | Partition Type: NTFS
Computer Name: SMIDOVI | User Name: Host | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"D:\ICQ\ICQ7.2\ICQ.exe" = D:\ICQ\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"D:\ICQ\ICQ7.2\aolload.exe" = D:\ICQ\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"D:\ICQ\ICQ7.2\ICQ.exe" = D:\ICQ\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"D:\ICQ\ICQ7.2\aolload.exe" = D:\ICQ\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Documents and Settings\Michal\Plocha\Programy\aTube Catcher 2.0\yct.exe" = C:\Documents and Settings\Michal\Plocha\Programy\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos.
"E:\RCTYCOON (D)\DUTCH\RCT.EXE" = E:\RCTYCOON (D)\DUTCH\RCT.EXE:*:Disabled:RCT
"D:\RCT1\rct.exe" = D:\RCT1\rct.exe:*:Disabled:rct
"C:\Documents and Settings\Host\Plocha\Stronghold Crusader\Stronghold Crusader\Stronghold Crusader.exe" = C:\Documents and Settings\Host\Plocha\Stronghold Crusader\Stronghold Crusader\Stronghold Crusader.exe:*:Disabled:Stronghold Crusader
"C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe" = C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe -- ()
"C:\WINDOWS\update.1\svchost.exe" = C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe -- ()
"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe -- ()
"C:\WINDOWS\update.tray-7-0\svchost.exe" = C:\WINDOWS\update.tray-7-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0\svchost.exe -- ()
"C:\WINDOWS\update.tray-7-0-lnk\svchost.exe" = C:\WINDOWS\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0-lnk\svchost.exe -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}" = NVIDIA PureVideo Decoder
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F3733A5-8322-454D-A638-3B74E1C83752}" = Gadget Installer
"{42165215-1ACA-40E1-A189-26BC0556FC3C}" = F1 Challenge 2007
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB9CEADA-E008-4219-B665-B7B4B8317A61}" =
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-008A-0409-0000-0000000FF1CE}" = Microsoft Office 2007 Recent Documents Gadget
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D99C9A0-A05A-11D5-8C06-00A0CC273CFE}" = Master Rallye
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD104A82-D92A-484B-90F9-4CA044315DEC}" = UpdateMyDrivers
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF6B3A5A-0C24-4F04-846B-2B63AECD42EC}" = TheBat! Home v4.2.42
"{D20E73F6-FF41-4318-B23A-FB38FBDB14A4}_is1" = Dart Karaoke Studio CDG
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{EE4656A6-3283-11D6-A077-9EE0D9E64843}" = Colin McRae Rally 2.0
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"18 Wheels of Steel Pedal to the Metal" = 18 Wheels of Steel Pedal to the Metal
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"aTube Catcher" = aTube Catcher
"AutocompletePro3_is1" = AutocompletePro
"avast" = avast! Free Antivirus
"BFGC" = Big Fish Games: Game Manager
"Bus Driver_is1" = Bus Driver
"Convert WAV To MP3_is1" = Convert WAV To MP3 1.0
"Czech Soccer Manager 2002 Final Editionverze 4.0 (31.3.2006)" = Czech Soccer Manager 2002 Final Edition
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0
"Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4 Beta-1
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.4
"Kudos" = Kudos
"Lamer" = Lamer
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"OggVorbis Transaltor_is1" = OggVorbis Transaltor
"Shop for HP Supplies" = Shop for HP Supplies
"Skispringen 2007_0001" = Skispringen 2007
"TO2WCM Wireless Connection Client" = O2 Wireless Connection Manager
"UpdateMyDrivers" = UpdateMyDrivers
"Windows Sidebar" = Postranní panel systému Windows
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall
"Zoo Tycoon 1.0" = Microsoft Zoo Tycoon
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1275210071-838170752-1606980848-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Audacity_is1" = Audacity 1.2.6
========== Last 10 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Host\Plocha
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
255,48 Mb Total Physical Memory | 33,05 Mb Available Physical Memory | 12,94% Memory free
618,07 Mb Paging File | 180,43 Mb Available in Paging File | 29,19% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 4,66 Gb Free Space | 12,50% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 33,57 Gb Free Space | 90,08% Space Free | Partition Type: NTFS
Computer Name: SMIDOVI | User Name: Host | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.07.27 19:39:43 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Host\Plocha\OTL.scr
PRC - [2011.07.26 13:12:13 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
PRC - [2011.07.25 21:31:27 | 001,185,280 | -H-- | M] () -- C:\WINDOWS\update.tray-7-0\svchost.exe
PRC - [2011.07.15 13:03:37 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008.12.19 14:43:58 | 001,486,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.12.07 18:35:43 | 000,069,632 | ---- | M] (Lee-Soft.com) -- C:\Program Files\Extras\ViOrb\ViOrb.exe
PRC - [2008.08.15 18:33:08 | 001,026,088 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\TO2SSM\McciBrowser.exe
PRC - [2008.01.30 15:11:10 | 001,473,536 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\TO2WCM\McciTrayApp.exe
PRC - [2006.11.17 03:12:52 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
========== Modules (SafeList) ==========
MOD - [2011.07.27 19:39:43 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Host\Plocha\OTL.scr
MOD - [2010.08.23 18:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
========== Driver Services (SafeList) ==========
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=desktop&s ... Terms}&f=4
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1275210071-838170752-1606980848-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
IE - HKU\S-1-5-21-1275210071-838170752-1606980848-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.12 14:21:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.15 13:51:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.15 13:05:25 | 000,000,000 | ---D | M]
[2011.01.12 12:00:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Host\Data aplikací\Mozilla\Extensions
[2011.07.27 18:00:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Host\Data aplikací\Mozilla\Firefox\Profiles\7846t8h6.default\extensions
[2011.02.14 15:58:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Host\Data aplikací\Mozilla\Firefox\Profiles\7846t8h6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.04 20:47:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\HOST\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\7846T8H6.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2011.01.12 14:21:36 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2011.01.10 22:14:15 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.01.20 14:38:16 | 000,003,189 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\acpro.xml
[2010.11.29 12:25:56 | 000,002,039 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchdesktop.xml
[2011.04.18 19:50:26 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.04.18 19:50:26 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.04.18 19:50:26 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.04.18 19:50:26 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.04.18 19:50:27 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.07.27 16:56:44 | 000,203,160 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 vkontakte.ru
O1 - Hosts: 127.0.0.1 www.vkontakte.ru
O1 - Hosts: 127.0.0.1 login.vk.com
O1 - Hosts: 127.0.0.1 vk.com
O1 - Hosts: 127.0.0.1 www.vk.com
O1 - Hosts: 127.0.0.1 odnoklassniki.ru
O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 50060 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1275210071-838170752-1606980848-1006\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [1848189.exe] C:\WINDOWS\TEMP\1848189.exe ()
O4 - HKLM..\Run: [2984306.exe] C:\WINDOWS\TEMP\2984306.exe ()
O4 - HKLM..\Run: [3544215.exe] C:\WINDOWS\TEMP\3544215.exe ()
O4 - HKLM..\Run: [8283738.exe] File not found
O4 - HKLM..\Run: [94138163-loader2.exe] C:\WINDOWS\TEMP\94138163-loader2.exe ()
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [avast] File not found
O4 - HKLM..\Run: [l1rezerv.exe] C:\WINDOWS\l1rezerv.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [sysdriver32.exe] C:\WINDOWS\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\WINDOWS\sysdriver32_.exe ()
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [TO2WCM_McciTrayApp] C:\Program Files\TO2WCM\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\WINDOWS\update.tray-7-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [ViOrb] C:\Program Files\Extras\ViOrb\ViOrb.exe (Lee-Soft.com)
O4 - HKLM..\Run: [wxpdrv] File not found
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles (Guliwer Company)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-838170752-1606980848-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\ICQ\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\ICQ\ICQ7.2\ICQ.exe (ICQ, LLC.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Host\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Host\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.10 21:17:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Unable to save MBR. Invalid drive designation: 0
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\Host\Plocha\» Nadržená máma spáchá incest se synem
[2011.07.27 19:39:32 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Host\Plocha\OTL.scr
[2011.07.27 18:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.07.27 18:02:45 | 000,000,000 | ---D | C] -- C:\rsit
[2011.07.26 17:53:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
[2011.07.26 13:11:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
[2011.07.26 13:11:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix
[2011.07.26 13:11:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\rpcminer
[2011.07.26 13:11:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2
[2011.07.26 13:07:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0
[2011.07.25 21:53:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1
[2011.07.25 21:52:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0-lnk
[2011.07.25 21:52:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0
[2011.07.19 15:03:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Host\Plocha\rykot 2011
[2011.07.18 13:22:24 | 002,727,936 | ---- | C] ( ) -- C:\Documents and Settings\Host\Plocha\Stronghold Crusader.exe
[2011.07.03 11:37:11 | 000,000,000 | ---D | C] -- C:\s_tour_3
[2011.06.29 19:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Host\Plocha\Moje mládí
[2011.06.29 19:50:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Host\Dokumenty\Nová složka
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\Host\Plocha\» Nadržená máma spáchá incest se synem
[2011.07.27 19:39:43 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Host\Plocha\OTL.scr
[2011.07.27 19:13:00 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005UA.job
[2011.07.27 19:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.07.27 16:54:58 | 000,000,157 | ---- | M] () -- C:\WINDOWS\info1
[2011.07.27 16:52:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.07.27 16:52:35 | 267,964,416 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.26 20:13:01 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005Core.job
[2011.07.26 19:33:08 | 000,001,720 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\avast! Free Antivirus.lnk
[2011.07.26 19:32:28 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.07.26 19:28:55 | 000,000,215 | ---- | M] () -- C:\boot.ini
[2011.07.26 19:18:31 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.07.26 17:55:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok
[2011.07.26 13:27:12 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar
[2011.07.26 13:27:12 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe
[2011.07.26 13:27:12 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar
[2011.07.26 13:27:10 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar
[2011.07.26 13:12:13 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
[2011.07.26 13:07:27 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar
[2011.07.26 13:03:43 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32_.exe
[2011.07.26 13:03:43 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
[2011.07.25 16:46:54 | 000,122,368 | ---- | M] () -- C:\Documents and Settings\Host\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.22 10:23:21 | 001,246,987 | ---- | M] () -- C:\Documents and Settings\Host\Plocha\má třída.jpg
[2011.07.20 20:01:36 | 000,046,152 | ---- | M] () -- C:\Documents and Settings\Host\Plocha\tampelband.htm
[2011.07.19 12:23:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.07.18 11:34:41 | 500,555,988 | ---- | M] () -- C:\Documents and Settings\Host\Plocha\stronghold-crusader.rar
[2011.07.17 03:24:20 | 004,636,907 | ---- | M] () -- C:\WINDOWS\geoiplist
[2011.07.15 12:56:00 | 000,441,696 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.07.15 12:56:00 | 000,438,268 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.07.15 12:56:00 | 000,082,988 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.07.15 12:56:00 | 000,071,632 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.07.14 07:43:50 | 000,282,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.07.14 07:13:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.06.29 19:36:40 | 000,001,545 | ---- | M] () -- C:\Documents and Settings\Host\.recently-used.xbel
[2011.06.29 12:26:25 | 000,066,554 | ---- | M] () -- C:\Documents and Settings\Host\Plocha\Seven- Ruleta.zip
[2011.06.29 12:22:07 | 000,052,317 | ---- | M] () -- C:\Documents and Settings\Host\Plocha\obal CD Ruleta.jpg
[2011.06.29 12:20:44 | 000,041,986 | ---- | M] () -- C:\Documents and Settings\Host\Plocha\seven.jpg
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.07.26 19:30:05 | 267,964,416 | -HS- | C] () -- C:\hiberfil.sys
[2011.07.26 17:55:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok
[2011.07.26 13:13:33 | 000,232,960 | ---- | C] () -- C:\WINDOWS\l1rezerv.exe
[2011.07.26 13:11:47 | 000,182,617 | ---- | C] () -- C:\WINDOWS\ufa.rar
[2011.07.26 13:11:41 | 005,589,370 | ---- | C] () -- C:\WINDOWS\phoenix.rar
[2011.07.26 13:11:21 | 001,075,284 | ---- | C] () -- C:\WINDOWS\rpcminer.rar
[2011.07.26 13:07:30 | 004,636,907 | ---- | C] () -- C:\WINDOWS\geoiplist
[2011.07.26 13:07:28 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
[2011.07.26 13:07:26 | 000,904,792 | ---- | C] () -- C:\WINDOWS\geoiplist.rar
[2011.07.26 13:07:23 | 000,000,157 | ---- | C] () -- C:\WINDOWS\info1
[2011.07.26 13:04:40 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32_.exe
[2011.07.26 13:04:04 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32.exe
[2011.07.22 10:20:34 | 001,246,987 | ---- | C] () -- C:\Documents and Settings\Host\Plocha\má třída.jpg
[2011.07.20 20:01:32 | 000,046,152 | ---- | C] () -- C:\Documents and Settings\Host\Plocha\tampelband.htm
[2011.07.18 11:06:29 | 500,555,988 | ---- | C] () -- C:\Documents and Settings\Host\Plocha\stronghold-crusader.rar
[2011.06.29 19:36:40 | 000,001,545 | ---- | C] () -- C:\Documents and Settings\Host\.recently-used.xbel
[2011.06.29 12:26:25 | 000,066,554 | ---- | C] () -- C:\Documents and Settings\Host\Plocha\Seven- Ruleta.zip
[2011.06.29 12:22:06 | 000,052,317 | ---- | C] () -- C:\Documents and Settings\Host\Plocha\obal CD Ruleta.jpg
[2011.06.29 12:20:25 | 000,041,986 | ---- | C] () -- C:\Documents and Settings\Host\Plocha\seven.jpg
[2011.06.16 18:35:02 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\Host\Local Settings\Data aplikací\fusioncache.dat
[2011.03.08 19:09:41 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.03.02 17:52:40 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe
[2011.02.03 13:36:06 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\MSSTDFMT.DLL
[2011.01.18 14:32:27 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.01.13 14:44:43 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.01.12 17:21:46 | 000,122,368 | ---- | C] () -- C:\Documents and Settings\Host\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.12 14:06:34 | 000,175,170 | ---- | C] () -- C:\WINDOWS\hpoins44.dat
[2011.01.12 14:06:34 | 000,000,586 | ---- | C] () -- C:\WINDOWS\hpomdl44.dat
[2011.01.10 23:33:10 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.01.10 23:32:23 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011.01.10 23:32:00 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2011.01.10 22:49:08 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011.01.10 22:42:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.01.10 21:45:02 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.01.10 21:44:26 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011.01.10 21:44:25 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011.01.10 21:44:23 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.01.10 21:44:22 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2011.01.10 21:44:22 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.01.10 21:44:21 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.01.10 21:34:36 | 000,282,928 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.10 21:33:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.01.10 21:05:16 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.12.26 22:17:22 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2008.12.22 13:23:55 | 000,000,177 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008.04.14 09:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006.12.31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.10.22 09:52:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.10.22 09:52:00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006.10.22 09:52:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.10.22 09:52:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006.10.22 09:52:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.10.22 09:52:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.10.22 09:52:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.10.22 09:52:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006.10.22 09:52:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006.10.22 09:52:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.10.22 09:52:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.10.10 00:12:14 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2001.10.25 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 15:00:00 | 000,441,696 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,438,268 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 15:00:00 | 000,082,988 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,071,632 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2011.07.26 17:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DAEMON Tools Lite
[2011.01.10 22:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ESET
[2011.01.13 14:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ
[2011.05.08 20:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PC Drivers HeadQuarters
[2011.01.20 14:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
[2011.01.10 22:56:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{59F1B7A2-B922-49F5-A441-6BCA174035E7}
[2011.03.02 20:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\DAEMON Tools Lite
[2011.01.12 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\ESET
[2011.01.20 16:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\facemoods.com
[2011.06.29 19:36:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\gtk-2.0
[2011.04.04 19:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\ICQ
[2011.04.02 19:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\inkscape
[2011.07.27 19:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.12.19 14:23:26 | 000,040,960 | ---- | M] (Microsoft Corporation)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2008.04.11 09:16:12 | 001,276,416 | ---- | M] (Microsoft Corporation)
< >
< MD5 for: AGP440.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
< MD5 for: CDROM.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.05.02 12:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\Driver Cache\i386\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2008.04.14 08:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.12.19 14:43:58 | 001,486,336 | ---- | M] (Microsoft Corporation) MD5=D39127310CBAD1485EC5001A4ED1D853 -- C:\WINDOWS\explorer.exe
< MD5 for: FASTFAT.SYS >
[2008.04.14 00:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys
< MD5 for: HAL.DLL >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
< MD5 for: ISAPNP.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 04:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys
< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.12.14 16:44:25 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.12.14 16:43:33 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NTFS.SYS >
[2008.04.14 00:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
< MD5 for: SMSS.EXE >
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2011.07.27 16:54:56 | 000,502,272 | ---- | M] () MD5=38D7AB4B1D19053B410F17D55F03CC18 -- C:\WINDOWS\update.2\svchost.exe
[2011.07.26 13:07:21 | 000,348,672 | ---- | M] () MD5=6EECAB7626BABA17DB082754B5E8C5CE -- C:\WINDOWS\update.5.0\svchost.exe
[2011.07.25 21:31:27 | 001,185,280 | -H-- | M] () MD5=7A3BC4D258CBE30DFB0649EE863FAE25 -- C:\WINDOWS\update.1\svchost.exe
[2011.07.25 21:31:27 | 001,185,280 | -H-- | M] () MD5=7A3BC4D258CBE30DFB0649EE863FAE25 -- C:\WINDOWS\update.tray-7-0\svchost.exe
[2011.07.25 21:31:27 | 001,185,280 | -H-- | M] () MD5=7A3BC4D258CBE30DFB0649EE863FAE25 -- C:\WINDOWS\update.tray-7-0-lnk\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.12.14 16:44:16 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\system32\drivers\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.12.19 14:29:10 | 000,557,056 | ---- | M] (Microsoft Corporation) MD5=12A799AD9415AE9C8ABCC5F75E9CF034 -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2009.04.16 11:38:20 | 000,312,832 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpfpp70v.dll
[2006.10.26 17:26:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
< %systemroot%\system32\drivers\*.sys /5 >
< %systemroot%\system32\drivers\*.sys /X >
[2001.10.25 15:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001.10.25 15:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\*.* /5 >
[2011.07.26 19:18:31 | 000,002,552 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2011.07.26 19:32:28 | 000,088,566 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /lockedfiles >
[2000.07.14 22:30:00 | 000,118,784 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\MSSTDFMT.DLL
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\config\*.sav >
[2011.01.10 21:34:01 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2011.01.10 21:34:01 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2011.01.10 21:34:01 | 000,462,848 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\Tasks\*.job /lockedfiles >
[2011.07.26 20:13:01 | 000,000,978 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005Core.job
[2011.07.27 19:13:00 | 000,001,030 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005UA.job
[2011.07.27 19:01:00 | 000,000,234 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
< %systemroot%\*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[28 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[35 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[13 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
< %systemroot%\*. /mp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2011.01.10 21:42:36 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\desktop.ini
[2011.01.12 14:52:25 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\hpzinstall.log
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.01.02 13:28:49 | 002,846,280 | ---- | M] (SmartTweak Software ) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\{59F1B7A2-B922-49F5-A441-6BCA174035E7}\UpdateMyDrivers.exe
[2010.11.10 20:58:38 | 004,162,064 | ---- | M] (Big Fish Games) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\BigFishGamesCache\Upgrade\clientinstaller\bfgsetup_s1_l1.exe
[2010.11.10 20:58:44 | 000,143,408 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\BigFishGamesCache\Upgrade\stub\kudos-rock-legend_s1_l1_gF2155T1L1_d1179309622.exe
[2011.01.18 14:12:43 | 004,219,128 | ---- | M] (Big Fish Games) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\BigFishGamesCache\Upgrade\Unpack\bfgsetup_s1_l1.exe
< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >
< %APPDATA%\*. >
[2011.01.15 16:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Adobe
[2011.02.19 18:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Ahead
[2011.03.02 20:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\DAEMON Tools Lite
[2011.01.12 17:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\DivX
[2011.01.12 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\ESET
[2011.01.20 16:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\facemoods.com
[2011.06.29 19:36:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\gtk-2.0
[2011.03.18 18:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\HP
[2011.07.27 17:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\HPAppData
[2011.04.04 19:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\ICQ
[2011.01.12 11:44:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Identities
[2011.04.02 19:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\inkscape
[2011.01.12 11:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Macromedia
[2011.02.21 20:24:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Media Player Classic
[2011.06.16 18:35:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Host\Data aplikací\Microsoft
[2011.06.11 07:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Motive
[2011.01.12 12:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Mozilla
[2011.01.19 11:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Real
[2011.04.20 12:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\Sun
[2011.01.12 16:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Host\Data aplikací\WinRAR
< %APPDATA%\*.* >
[2011.01.10 21:42:36 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Host\Data aplikací\desktop.ini
[2011.03.30 21:20:15 | 000,000,172 | ---- | M] () -- C:\Documents and Settings\Host\Data aplikací\ex_log.txt
< %APPDATA%\*.exe /s >
[2011.01.12 11:53:24 | 002,827,728 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Host\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
< %SYSTEMDRIVE%\*.exe >
< >
< >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-27 05:23:58
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
========== Alternate Data Streams ==========
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:0664ADFC
< End of report >
OTL Extras logfile created on: 27.7.2011 19:42:16 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Host\Plocha
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
255,48 Mb Total Physical Memory | 33,05 Mb Available Physical Memory | 12,94% Memory free
618,07 Mb Paging File | 180,43 Mb Available in Paging File | 29,19% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 4,66 Gb Free Space | 12,50% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 33,57 Gb Free Space | 90,08% Space Free | Partition Type: NTFS
Computer Name: SMIDOVI | User Name: Host | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"D:\ICQ\ICQ7.2\ICQ.exe" = D:\ICQ\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"D:\ICQ\ICQ7.2\aolload.exe" = D:\ICQ\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"D:\ICQ\ICQ7.2\ICQ.exe" = D:\ICQ\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"D:\ICQ\ICQ7.2\aolload.exe" = D:\ICQ\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Documents and Settings\Michal\Plocha\Programy\aTube Catcher 2.0\yct.exe" = C:\Documents and Settings\Michal\Plocha\Programy\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos.
"E:\RCTYCOON (D)\DUTCH\RCT.EXE" = E:\RCTYCOON (D)\DUTCH\RCT.EXE:*:Disabled:RCT
"D:\RCT1\rct.exe" = D:\RCT1\rct.exe:*:Disabled:rct
"C:\Documents and Settings\Host\Plocha\Stronghold Crusader\Stronghold Crusader\Stronghold Crusader.exe" = C:\Documents and Settings\Host\Plocha\Stronghold Crusader\Stronghold Crusader\Stronghold Crusader.exe:*:Disabled:Stronghold Crusader
"C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe" = C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe -- ()
"C:\WINDOWS\update.1\svchost.exe" = C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe -- ()
"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe -- ()
"C:\WINDOWS\update.tray-7-0\svchost.exe" = C:\WINDOWS\update.tray-7-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0\svchost.exe -- ()
"C:\WINDOWS\update.tray-7-0-lnk\svchost.exe" = C:\WINDOWS\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0-lnk\svchost.exe -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}" = NVIDIA PureVideo Decoder
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F3733A5-8322-454D-A638-3B74E1C83752}" = Gadget Installer
"{42165215-1ACA-40E1-A189-26BC0556FC3C}" = F1 Challenge 2007
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB9CEADA-E008-4219-B665-B7B4B8317A61}" =
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-008A-0409-0000-0000000FF1CE}" = Microsoft Office 2007 Recent Documents Gadget
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D99C9A0-A05A-11D5-8C06-00A0CC273CFE}" = Master Rallye
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD104A82-D92A-484B-90F9-4CA044315DEC}" = UpdateMyDrivers
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF6B3A5A-0C24-4F04-846B-2B63AECD42EC}" = TheBat! Home v4.2.42
"{D20E73F6-FF41-4318-B23A-FB38FBDB14A4}_is1" = Dart Karaoke Studio CDG
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{EE4656A6-3283-11D6-A077-9EE0D9E64843}" = Colin McRae Rally 2.0
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"18 Wheels of Steel Pedal to the Metal" = 18 Wheels of Steel Pedal to the Metal
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"aTube Catcher" = aTube Catcher
"AutocompletePro3_is1" = AutocompletePro
"avast" = avast! Free Antivirus
"BFGC" = Big Fish Games: Game Manager
"Bus Driver_is1" = Bus Driver
"Convert WAV To MP3_is1" = Convert WAV To MP3 1.0
"Czech Soccer Manager 2002 Final Editionverze 4.0 (31.3.2006)" = Czech Soccer Manager 2002 Final Edition
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0
"Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4 Beta-1
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.4
"Kudos" = Kudos
"Lamer" = Lamer
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"OggVorbis Transaltor_is1" = OggVorbis Transaltor
"Shop for HP Supplies" = Shop for HP Supplies
"Skispringen 2007_0001" = Skispringen 2007
"TO2WCM Wireless Connection Client" = O2 Wireless Connection Manager
"UpdateMyDrivers" = UpdateMyDrivers
"Windows Sidebar" = Postranní panel systému Windows
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall
"Zoo Tycoon 1.0" = Microsoft Zoo Tycoon
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1275210071-838170752-1606980848-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Audacity_is1" = Audacity 1.2.6
========== Last 10 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: FB vir
Znovu spusťte OTL a do spodního bílého okna vložte následující skript. Poté klikněte na Opravit, PC se restartuje, výsledný log vložte sem.
Kód: Vybrat vše
:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
:Files
C:\Program Files\Ask.com
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\ICQ6Toolbar
:OTL
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1275210071-838170752-1606980848-1006\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [1848189.exe] C:\WINDOWS\TEMP\1848189.exe ()
O4 - HKLM..\Run: [2984306.exe] C:\WINDOWS\TEMP\2984306.exe ()
O4 - HKLM..\Run: [3544215.exe] C:\WINDOWS\TEMP\3544215.exe ()
O4 - HKLM..\Run: [8283738.exe] File not found
O4 - HKLM..\Run: [94138163-loader2.exe] C:\WINDOWS\TEMP\94138163-loader2.exe ()
O4 - HKLM..\Run: [avast] File not found
O4 - HKLM..\Run: [l1rezerv.exe] C:\WINDOWS\l1rezerv.exe ()
O4 - HKLM..\Run: [sysdriver32.exe] C:\WINDOWS\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\WINDOWS\sysdriver32_.exe ()
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\WINDOWS\update.tray-7-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [wxpdrv] File not found
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found
O31 - SafeBoot: AlternateShell - services32.exe
[2011.07.26 17:53:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
[2011.07.26 13:11:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
[2011.07.26 13:11:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix
[2011.07.26 13:11:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\rpcminer
[2011.07.26 13:11:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2
[2011.07.26 13:07:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0
[2011.07.25 21:53:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1
[2011.07.25 21:52:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0-lnk
[2011.07.25 21:52:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0
[2011.07.26 17:55:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok
[2011.07.26 13:27:12 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar
[2011.07.26 13:27:12 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe
[2011.07.26 13:27:12 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar
[2011.07.26 13:27:10 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar
[2011.07.26 13:12:13 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
[2011.07.26 13:07:27 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar
[2011.07.26 13:03:43 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32_.exe
[2011.07.26 13:03:43 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
[2011.07.26 17:55:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok
[2011.07.26 13:13:33 | 000,232,960 | ---- | C] () -- C:\WINDOWS\l1rezerv.exe
[2011.07.26 13:11:47 | 000,182,617 | ---- | C] () -- C:\WINDOWS\ufa.rar
[2011.07.26 13:11:41 | 005,589,370 | ---- | C] () -- C:\WINDOWS\phoenix.rar
[2011.07.26 13:11:21 | 001,075,284 | ---- | C] () -- C:\WINDOWS\rpcminer.rar
[2011.07.26 13:07:30 | 004,636,907 | ---- | C] () -- C:\WINDOWS\geoiplist
[2011.07.26 13:07:28 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
[2011.07.26 13:07:26 | 000,904,792 | ---- | C] () -- C:\WINDOWS\geoiplist.rar
[2011.07.26 13:07:23 | 000,000,157 | ---- | C] () -- C:\WINDOWS\info1
[2011.07.26 13:04:40 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32_.exe
[2011.07.26 13:04:04 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32.exe
[2011.07.27 19:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:0664ADFC
:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe" =-
"C:\WINDOWS\update.1\svchost.exe" =-
"C:\WINDOWS\update.2\svchost.exe" =-
"C:\WINDOWS\update.tray-7-0\svchost.exe" =-
"C:\WINDOWS\update.tray-7-0-lnk\svchost.exe" =-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" =-
"DAEMON Tools Toolbar" =-
"ICQToolbar" =-
:Services
ICQ Service
srvbtcclient
srviecheck
srvsysdriver32
wxpdriversRe: FB vir
a mám tam zase něco zaškrtnout?
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: FB vir
Trochu se spožděním,ale snad to mám
Logfile of random's system information tool 1.09 (written by random/random)
Run by Michal at 2011-07-27 18:02:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (13%) free of 38 GB
Total RAM: 255 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:05:34, on 27.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17098)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\sysdriver32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\update.1\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\ufa\ufa.exe
C:\Documents and Settings\Host\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.autocompletepro.com/?si=10184&bi=400
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.autocompletepro.com/?si=10184&bi=400
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.autocompletepro.com/?si=10184&bi=400
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autocompletepro.com/?si=10184&bi=400
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=desktop&s ... Terms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192168110113
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ViOrb] C:\Program Files\extras\ViOrb\ViOrb.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TO2WCM_McciTrayApp] C:\Program Files\TO2WCM\McciTrayApp.exe
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [wxpdrv] C:\WINDOWS\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\WINDOWS\update.tray-7-0\svchost.exe
O4 - HKLM\..\Run: [3544215.exe] "C:\WINDOWS\TEMP\3544215.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\WINDOWS\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\WINDOWS\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [2984306.exe] "C:\WINDOWS\TEMP\2984306.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\WINDOWS\l1rezerv.exe"
O4 - HKLM\..\Run: [94138163-loader2.exe] "C:\WINDOWS\TEMP\94138163-loader2.exe"
O4 - HKLM\..\Run: [8283738.exe] "C:\DOCUME~1\Michal\LOCALS~1\Temp\8283738.exe"
O4 - HKLM\..\Run: [1848189.exe] "C:\WINDOWS\TEMP\1848189.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ICQ] "D:\ICQ\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1275210071-838170752-1606980848-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Host')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - S-1-5-21-1275210071-838170752-1606980848-1006 Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Host')
O4 - S-1-5-21-1275210071-838170752-1606980848-1006 User Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Host')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\ICQ\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\ICQ\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{66040A26-2D5D-4FF6-B95D-D2756A6A11D6}: Domain = 821002965
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = 821002965
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = 821002965
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = 821002965
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = 821002965
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: srvbtcclient - Unknown owner - C:\WINDOWS\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\WINDOWS\sysdriver32.exe
O23 - Service: wxpdrivers - Unknown owner - C:\WINDOWS\update.1\svchost.exe
--
End of file - 11517 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\uxvtkhnt.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "support@predictad.com:1.11, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.12, smartwebprinting@hp.com:4.5, {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, DTToolbar@toolbarnet.com:1.1.4.0024, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://start.facemoods.com/results.php?f=5&a=desktop&q="
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsJSRealPlayerPlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat
C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
npnul32.dll
NPOFF12.DLL
nppl3260.dll
nprpjplug.dll
C:\Program Files\Mozilla Firefox\searchplugins\
acpro.xml
fcmdSrchdesktop.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\uxvtkhnt.default\extensions\
DTToolbar@toolbarnet.com
support@predictad.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\uxvtkhnt.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
AC-Pro - C:\Program Files\AutocompletePro\AutocompletePro.dll [2010-11-11 97760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-01-10 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-10 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-01-10 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AlwaysReady Power Message APP"=C:\WINDOWS\ARPWRMSG.EXE [2008-12-26 77312]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"ViOrb"=C:\Program Files\extras\ViOrb\ViOrb.exe [2008-12-07 69632]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2011-01-10 136600]
"TO2WCM_McciTrayApp"=C:\Program Files\TO2WCM\McciTrayApp.exe [2008-01-30 1473536]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"wxpdrv"=C:\WINDOWS\services32.exe []
"tray_ico"= []
"tray_ico0"=C:\WINDOWS\update.tray-7-0\svchost.exe [2011-07-25 1185280]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"3544215.exe"=C:\WINDOWS\TEMP\3544215.exe [2011-07-26 256000]
"sysdriver32.exe"=C:\WINDOWS\sysdriver32.exe [2011-07-26 256000]
"sysdriver32_.exe"=C:\WINDOWS\sysdriver32_.exe [2011-07-26 256000]
"2984306.exe"=C:\WINDOWS\TEMP\2984306.exe [2011-07-26 256000]
"l1rezerv.exe"=C:\WINDOWS\l1rezerv.exe [2011-07-26 232960]
"94138163-loader2.exe"=C:\WINDOWS\TEMP\94138163-loader2.exe [2011-07-26 256000]
"8283738.exe"=C:\DOCUME~1\Michal\LOCALS~1\Temp\8283738.exe [2011-07-26 256000]
"1848189.exe"=C:\WINDOWS\TEMP\1848189.exe [2011-07-27 502272]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-04-11 1276416]
"Google Update"=C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-01-11 136176]
"ICQ"=D:\ICQ\ICQ7.2\ICQ.exe [2011-01-05 133432]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice []
C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-14 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme
"EnableLUA"=0
"EnableSecureUIAPaths"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"D:\ICQ\ICQ7.2\ICQ.exe"="D:\ICQ\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"D:\ICQ\ICQ7.2\aolload.exe"="D:\ICQ\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Documents and Settings\Michal\Plocha\Programy\aTube Catcher 2.0\yct.exe"="C:\Documents and Settings\Michal\Plocha\Programy\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"E:\RCTYCOON (D)\DUTCH\RCT.EXE"="E:\RCTYCOON (D)\DUTCH\RCT.EXE:*:Disabled:RCT"
"D:\RCT1\rct.exe"="D:\RCT1\rct.exe:*:Disabled:rct"
"C:\Documents and Settings\Host\Plocha\Stronghold Crusader\Stronghold Crusader\Stronghold Crusader.exe"="C:\Documents and Settings\Host\Plocha\Stronghold Crusader\Stronghold Crusader\Stronghold Crusader.exe:*:Disabled:Stronghold Crusader"
"C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe"="C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"C:\WINDOWS\update.2\svchost.exe"="C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe"
"C:\WINDOWS\update.tray-7-0\svchost.exe"="C:\WINDOWS\update.tray-7-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0\svchost.exe"
"C:\WINDOWS\update.tray-7-0-lnk\svchost.exe"="C:\WINDOWS\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0-lnk\svchost.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"D:\ICQ\ICQ7.2\ICQ.exe"="D:\ICQ\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"D:\ICQ\ICQ7.2\aolload.exe"="D:\ICQ\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
======List of files/folders created in the last 1 month======
2011-07-27 18:02:53 ----D---- C:\Program Files\trend micro
2011-07-27 18:02:45 ----D---- C:\rsit
2011-07-26 19:30:05 ----ASH---- C:\hiberfil.sys
2011-07-26 17:53:50 ----D---- C:\WINDOWS\av_ico
2011-07-26 13:14:47 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-07-26 13:13:33 ----A---- C:\WINDOWS\l1rezerv.exe
2011-07-26 13:11:50 ----D---- C:\WINDOWS\ufa
2011-07-26 13:11:50 ----D---- C:\WINDOWS\phoenix
2011-07-26 13:11:49 ----D---- C:\WINDOWS\rpcminer
2011-07-26 13:11:19 ----HD---- C:\WINDOWS\update.2
2011-07-26 13:08:18 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-07-26 13:07:28 ----A---- C:\WINDOWS\unrar.exe
2011-07-26 13:07:25 ----HD---- C:\WINDOWS\update.5.0
2011-07-26 13:05:46 ----A---- C:\WINDOWS\iplist.txt
2011-07-26 13:04:40 ----A---- C:\WINDOWS\sysdriver32_.exe
2011-07-26 13:04:04 ----A---- C:\WINDOWS\sysdriver32.exe
2011-07-26 13:03:43 ----A---- C:\WINDOWS\front_ip_list.txt
2011-07-25 21:53:01 ----HD---- C:\WINDOWS\update.1
2011-07-25 21:52:40 ----HD---- C:\WINDOWS\update.tray-7-0-lnk
2011-07-25 21:52:40 ----HD---- C:\WINDOWS\update.tray-7-0
2011-07-25 21:38:36 ----A---- C:\WINDOWS\winlog-ids.txt
2011-07-25 21:38:36 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-07-14 07:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-14 07:11:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-03 11:37:11 ----D---- C:\s_tour_3
2011-06-30 07:21:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
======List of files/folders modified in the last 1 month======
2011-07-27 18:02:53 ----RD---- C:\Program Files
2011-07-27 16:56:19 ----D---- C:\WINDOWS
2011-07-27 16:54:55 ----D---- C:\WINDOWS\Temp
2011-07-27 16:54:35 ----D---- C:\WINDOWS\Registration
2011-07-26 23:44:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-26 19:28:55 ----A---- C:\boot.ini
2011-07-26 19:18:02 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-26 19:16:35 ----D---- C:\WINDOWS\system32\drivers
2011-07-26 19:13:31 ----SHD---- C:\WINDOWS\Installer
2011-07-26 19:13:31 ----HD---- C:\Config.Msi
2011-07-26 19:13:24 ----D---- C:\WINDOWS\WinSxS
2011-07-26 19:12:16 ----D---- C:\WINDOWS\system32
2011-07-26 19:02:30 ----D---- C:\Documents and Settings\Michal\Data aplikací\HPAppData
2011-07-26 19:01:36 ----D---- C:\Documents and Settings\Michal\Data aplikací\ICQ
2011-07-26 18:55:46 ----A---- C:\WINDOWS\ntbtlog.txt
2011-07-26 17:31:10 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DAEMON Tools Lite
2011-07-26 13:17:14 ----SHD---- C:\System Volume Information
2011-07-26 13:17:14 ----D---- C:\WINDOWS\system32\Restore
2011-07-15 13:10:21 ----D---- C:\Documents and Settings\Michal\Data aplikací\AIMP
2011-07-15 13:09:03 ----D---- C:\Program Files\Mozilla Firefox
2011-07-15 12:55:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-14 07:40:51 ----HD---- C:\WINDOWS\inf
2011-07-14 07:34:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-14 07:29:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft Help
2011-07-14 07:13:33 ----A---- C:\WINDOWS\imsins.BAK
2011-07-13 08:13:28 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-11 11:31:56 ----D---- C:\WINDOWS\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-05-12 20576]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-12-14 77568]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-12-26 41600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-03-02 218688]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 AR9271;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw.sys [2010-01-05 1714176]
R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2008-12-26 22784]
R3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2008-12-26 19200]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2008-12-26 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2008-12-26 4992]
R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2008-12-26 10112]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2008-12-26 17664]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-12-14 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ARSVC;ARSVC; C:\WINDOWS\arservice.exe [2008-12-26 58880]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2008-12-22 238592]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2008-12-22 103424]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-01-10 152984]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 srvbtcclient;srvbtcclient; C:\WINDOWS\update.5.0\svchost.exe [2011-07-26 348672]
R2 srviecheck;srviecheck; C:\WINDOWS\update.2\svchost.exe [2011-07-27 502272]
R2 srvsysdriver32;srvsysdriver32; C:\WINDOWS\sysdriver32.exe [2011-07-26 256000]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 wxpdrivers;wxpdrivers; C:\WINDOWS\update.1\svchost.exe [2011-07-25 1185280]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-03 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Michal at 2011-07-27 18:02:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (13%) free of 38 GB
Total RAM: 255 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:05:34, on 27.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17098)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\sysdriver32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\update.1\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\ufa\ufa.exe
C:\Documents and Settings\Host\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.autocompletepro.com/?si=10184&bi=400
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.autocompletepro.com/?si=10184&bi=400
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.autocompletepro.com/?si=10184&bi=400
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autocompletepro.com/?si=10184&bi=400
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=desktop&s ... Terms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192168110113
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ViOrb] C:\Program Files\extras\ViOrb\ViOrb.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TO2WCM_McciTrayApp] C:\Program Files\TO2WCM\McciTrayApp.exe
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [wxpdrv] C:\WINDOWS\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\WINDOWS\update.tray-7-0\svchost.exe
O4 - HKLM\..\Run: [3544215.exe] "C:\WINDOWS\TEMP\3544215.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\WINDOWS\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\WINDOWS\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [2984306.exe] "C:\WINDOWS\TEMP\2984306.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\WINDOWS\l1rezerv.exe"
O4 - HKLM\..\Run: [94138163-loader2.exe] "C:\WINDOWS\TEMP\94138163-loader2.exe"
O4 - HKLM\..\Run: [8283738.exe] "C:\DOCUME~1\Michal\LOCALS~1\Temp\8283738.exe"
O4 - HKLM\..\Run: [1848189.exe] "C:\WINDOWS\TEMP\1848189.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ICQ] "D:\ICQ\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1275210071-838170752-1606980848-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Host')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - S-1-5-21-1275210071-838170752-1606980848-1006 Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Host')
O4 - S-1-5-21-1275210071-838170752-1606980848-1006 User Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Host')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\ICQ\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\ICQ\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{66040A26-2D5D-4FF6-B95D-D2756A6A11D6}: Domain = 821002965
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = 821002965
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = 821002965
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = 821002965
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = 821002965
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: srvbtcclient - Unknown owner - C:\WINDOWS\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\WINDOWS\sysdriver32.exe
O23 - Service: wxpdrivers - Unknown owner - C:\WINDOWS\update.1\svchost.exe
--
End of file - 11517 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-838170752-1606980848-1005UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\uxvtkhnt.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "support@predictad.com:1.11, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.12, smartwebprinting@hp.com:4.5, {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, DTToolbar@toolbarnet.com:1.1.4.0024, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://start.facemoods.com/results.php?f=5&a=desktop&q="
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsJSRealPlayerPlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat
C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
npnul32.dll
NPOFF12.DLL
nppl3260.dll
nprpjplug.dll
C:\Program Files\Mozilla Firefox\searchplugins\
acpro.xml
fcmdSrchdesktop.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\uxvtkhnt.default\extensions\
DTToolbar@toolbarnet.com
support@predictad.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\uxvtkhnt.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
AC-Pro - C:\Program Files\AutocompletePro\AutocompletePro.dll [2010-11-11 97760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-01-10 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-10 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-01-10 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AlwaysReady Power Message APP"=C:\WINDOWS\ARPWRMSG.EXE [2008-12-26 77312]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"ViOrb"=C:\Program Files\extras\ViOrb\ViOrb.exe [2008-12-07 69632]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2011-01-10 136600]
"TO2WCM_McciTrayApp"=C:\Program Files\TO2WCM\McciTrayApp.exe [2008-01-30 1473536]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"wxpdrv"=C:\WINDOWS\services32.exe []
"tray_ico"= []
"tray_ico0"=C:\WINDOWS\update.tray-7-0\svchost.exe [2011-07-25 1185280]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"3544215.exe"=C:\WINDOWS\TEMP\3544215.exe [2011-07-26 256000]
"sysdriver32.exe"=C:\WINDOWS\sysdriver32.exe [2011-07-26 256000]
"sysdriver32_.exe"=C:\WINDOWS\sysdriver32_.exe [2011-07-26 256000]
"2984306.exe"=C:\WINDOWS\TEMP\2984306.exe [2011-07-26 256000]
"l1rezerv.exe"=C:\WINDOWS\l1rezerv.exe [2011-07-26 232960]
"94138163-loader2.exe"=C:\WINDOWS\TEMP\94138163-loader2.exe [2011-07-26 256000]
"8283738.exe"=C:\DOCUME~1\Michal\LOCALS~1\Temp\8283738.exe [2011-07-26 256000]
"1848189.exe"=C:\WINDOWS\TEMP\1848189.exe [2011-07-27 502272]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-04-11 1276416]
"Google Update"=C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-01-11 136176]
"ICQ"=D:\ICQ\ICQ7.2\ICQ.exe [2011-01-05 133432]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice []
C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-14 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme
"EnableLUA"=0
"EnableSecureUIAPaths"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"D:\ICQ\ICQ7.2\ICQ.exe"="D:\ICQ\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"D:\ICQ\ICQ7.2\aolload.exe"="D:\ICQ\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Documents and Settings\Michal\Plocha\Programy\aTube Catcher 2.0\yct.exe"="C:\Documents and Settings\Michal\Plocha\Programy\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"E:\RCTYCOON (D)\DUTCH\RCT.EXE"="E:\RCTYCOON (D)\DUTCH\RCT.EXE:*:Disabled:RCT"
"D:\RCT1\rct.exe"="D:\RCT1\rct.exe:*:Disabled:rct"
"C:\Documents and Settings\Host\Plocha\Stronghold Crusader\Stronghold Crusader\Stronghold Crusader.exe"="C:\Documents and Settings\Host\Plocha\Stronghold Crusader\Stronghold Crusader\Stronghold Crusader.exe:*:Disabled:Stronghold Crusader"
"C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe"="C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Host\Dokumenty\Stažené soubory\Flash-Player.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"C:\WINDOWS\update.2\svchost.exe"="C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe"
"C:\WINDOWS\update.tray-7-0\svchost.exe"="C:\WINDOWS\update.tray-7-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0\svchost.exe"
"C:\WINDOWS\update.tray-7-0-lnk\svchost.exe"="C:\WINDOWS\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0-lnk\svchost.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"D:\ICQ\ICQ7.2\ICQ.exe"="D:\ICQ\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"D:\ICQ\ICQ7.2\aolload.exe"="D:\ICQ\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
======List of files/folders created in the last 1 month======
2011-07-27 18:02:53 ----D---- C:\Program Files\trend micro
2011-07-27 18:02:45 ----D---- C:\rsit
2011-07-26 19:30:05 ----ASH---- C:\hiberfil.sys
2011-07-26 17:53:50 ----D---- C:\WINDOWS\av_ico
2011-07-26 13:14:47 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-07-26 13:13:33 ----A---- C:\WINDOWS\l1rezerv.exe
2011-07-26 13:11:50 ----D---- C:\WINDOWS\ufa
2011-07-26 13:11:50 ----D---- C:\WINDOWS\phoenix
2011-07-26 13:11:49 ----D---- C:\WINDOWS\rpcminer
2011-07-26 13:11:19 ----HD---- C:\WINDOWS\update.2
2011-07-26 13:08:18 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-07-26 13:07:28 ----A---- C:\WINDOWS\unrar.exe
2011-07-26 13:07:25 ----HD---- C:\WINDOWS\update.5.0
2011-07-26 13:05:46 ----A---- C:\WINDOWS\iplist.txt
2011-07-26 13:04:40 ----A---- C:\WINDOWS\sysdriver32_.exe
2011-07-26 13:04:04 ----A---- C:\WINDOWS\sysdriver32.exe
2011-07-26 13:03:43 ----A---- C:\WINDOWS\front_ip_list.txt
2011-07-25 21:53:01 ----HD---- C:\WINDOWS\update.1
2011-07-25 21:52:40 ----HD---- C:\WINDOWS\update.tray-7-0-lnk
2011-07-25 21:52:40 ----HD---- C:\WINDOWS\update.tray-7-0
2011-07-25 21:38:36 ----A---- C:\WINDOWS\winlog-ids.txt
2011-07-25 21:38:36 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-07-14 07:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-14 07:11:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-03 11:37:11 ----D---- C:\s_tour_3
2011-06-30 07:21:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
======List of files/folders modified in the last 1 month======
2011-07-27 18:02:53 ----RD---- C:\Program Files
2011-07-27 16:56:19 ----D---- C:\WINDOWS
2011-07-27 16:54:55 ----D---- C:\WINDOWS\Temp
2011-07-27 16:54:35 ----D---- C:\WINDOWS\Registration
2011-07-26 23:44:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-26 19:28:55 ----A---- C:\boot.ini
2011-07-26 19:18:02 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-26 19:16:35 ----D---- C:\WINDOWS\system32\drivers
2011-07-26 19:13:31 ----SHD---- C:\WINDOWS\Installer
2011-07-26 19:13:31 ----HD---- C:\Config.Msi
2011-07-26 19:13:24 ----D---- C:\WINDOWS\WinSxS
2011-07-26 19:12:16 ----D---- C:\WINDOWS\system32
2011-07-26 19:02:30 ----D---- C:\Documents and Settings\Michal\Data aplikací\HPAppData
2011-07-26 19:01:36 ----D---- C:\Documents and Settings\Michal\Data aplikací\ICQ
2011-07-26 18:55:46 ----A---- C:\WINDOWS\ntbtlog.txt
2011-07-26 17:31:10 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DAEMON Tools Lite
2011-07-26 13:17:14 ----SHD---- C:\System Volume Information
2011-07-26 13:17:14 ----D---- C:\WINDOWS\system32\Restore
2011-07-15 13:10:21 ----D---- C:\Documents and Settings\Michal\Data aplikací\AIMP
2011-07-15 13:09:03 ----D---- C:\Program Files\Mozilla Firefox
2011-07-15 12:55:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-14 07:40:51 ----HD---- C:\WINDOWS\inf
2011-07-14 07:34:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-14 07:29:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft Help
2011-07-14 07:13:33 ----A---- C:\WINDOWS\imsins.BAK
2011-07-13 08:13:28 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-11 11:31:56 ----D---- C:\WINDOWS\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-05-12 20576]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-12-14 77568]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-12-26 41600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-03-02 218688]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 AR9271;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw.sys [2010-01-05 1714176]
R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2008-12-26 22784]
R3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2008-12-26 19200]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2008-12-26 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2008-12-26 4992]
R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2008-12-26 10112]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2008-12-26 17664]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-12-14 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ARSVC;ARSVC; C:\WINDOWS\arservice.exe [2008-12-26 58880]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2008-12-22 238592]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2008-12-22 103424]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-01-10 152984]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 srvbtcclient;srvbtcclient; C:\WINDOWS\update.5.0\svchost.exe [2011-07-26 348672]
R2 srviecheck;srviecheck; C:\WINDOWS\update.2\svchost.exe [2011-07-27 502272]
R2 srvsysdriver32;srvsysdriver32; C:\WINDOWS\sysdriver32.exe [2011-07-26 256000]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 wxpdrivers;wxpdrivers; C:\WINDOWS\update.1\svchost.exe [2011-07-25 1185280]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-03 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: FB vir
počítač se mi restartoval, a na ploše mám tyto tři soubory
Extras.txt OTL.txt a log.txt
Extras.txt OTL.txt a log.txt
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: FB vir
tam jsem našel tohle:
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
Re: FB vir
bohužel musím končit, tak zitra pokračování,když to půjde, zítra tu budu asi od čtvrt na osm ráno. Zatím nashle a děkuji za pomoc, snad se to dotáhne až do úspěšného konce.
Re: FB vir
jo a ještě ohlašuji zprávu, že už mi funguje facebook, tak je to snad na správné cestě
Přispějete na provoz fóra?