PC virus removal, computer speed-up, remote assistance via the neslape.cz service

facebook virus

VinNystrik
Guest
Posts: 12
Registered: 19 Aug 2011 18:48

#1 Post by VinNystrik »

Hello, it seems that the well-known Facebook virus has got into my computer too, and I would need some advice on how to deal with it. Unfortunately I am not very handy with computers, so I don't know how it will go. I am attaching the log according to the instructions.

Logfile of random's system information tool 1.09 (written by random/random)
Run by xxx at 2011-08-19 19:47:51
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 20 GB (40%) free of 51 GB
Total RAM: 1982 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:47:59, on 19.8.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\WINDOWS\update.tray-7-0\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\xxx\Data aplikací\QipGuard\QipGuard.exe
C:\program files\steam\steam.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\update.1\svchost.exe
C:\WINDOWS\update.tray-7-0-lnk\svchost.exe
C:\Documents and Settings\xxx\Local Settings\Data aplikací\TeamSpeak 3 Client\ts3client_win32.exe
C:\WINDOWS\sysdriver32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\QIP\qip.exe
C:\WINDOWS\update.7.1\svchostdriver.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\l1rezerv.exe
C:\WINDOWS\ufa\ufa.exe
C:\WINDOWS\update.7.1\svchostdriver.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\xxx.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://adserving.cpxinteractive.com/clk ... webhost_ad,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [wxpdrv] C:\WINDOWS\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\WINDOWS\update.tray-7-0\svchost.exe
O4 - HKLM\..\Run: [1746660.exe] "C:\DOCUME~1\xxx\LOCALS~1\Temp\1746660.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\WINDOWS\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\WINDOWS\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [8644823.exe] "C:\WINDOWS\TEMP\8644823.exe"
O4 - HKLM\..\Run: [5201822.exe] "C:\DOCUME~1\xxx\LOCALS~1\Temp\5201822.exe"
O4 - HKLM\..\Run: [4540450.exe] "C:\WINDOWS\TEMP\4540450.exe"
O4 - HKLM\..\Run: [5467369.exe] "C:\WINDOWS\TEMP\5467369.exe"
O4 - HKLM\..\Run: [95670953-loader2.exe] "C:\WINDOWS\TEMP\95670953-loader2.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\WINDOWS\l1rezerv.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\xxx\Data aplikací\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [Steam] "C:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\xxx\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: HPAiODevice(hp psc 900 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ddservice - Unknown owner - C:\WINDOWS\update.7.1\svchostdriver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: srvbtcclient - Unknown owner - C:\WINDOWS\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\WINDOWS\sysdriver32.exe
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
O23 - Service: wxpdrivers - Unknown owner - C:\WINDOWS\update.1\svchost.exe

--
End of file - 11385 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, jqs@sun.com:1.0, toolbar@ask.com:3.11.3.15590, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.1.9&q="

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIBitCometAgent.xpt

C:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
NPOFFICE.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\
toolbar@ask.com
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll [2010-06-09 45568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 138240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 138240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-16 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-16 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-04-30 17881088]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-04 1955208]
"wxpdrv"=C:\WINDOWS\services32.exe []
"tray_ico"= []
"tray_ico0"=C:\WINDOWS\update.tray-7-0\svchost.exe [2011-08-19 1215488]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"1746660.exe"=C:\DOCUME~1\xxx\LOCALS~1\Temp\1746660.exe [2011-08-19 258048]
"sysdriver32.exe"=C:\WINDOWS\sysdriver32.exe [2011-08-19 258048]
"sysdriver32_.exe"=C:\WINDOWS\sysdriver32_.exe [2011-08-19 258048]
"8644823.exe"=C:\WINDOWS\TEMP\8644823.exe [2011-08-19 258048]
"5201822.exe"=C:\DOCUME~1\xxx\LOCALS~1\Temp\5201822.exe [2011-08-19 258048]
"4540450.exe"=C:\WINDOWS\TEMP\4540450.exe [2011-08-19 632832]
"5467369.exe"=C:\WINDOWS\TEMP\5467369.exe [2011-08-19 258048]
"95670953-loader2.exe"=C:\WINDOWS\TEMP\95670953-loader2.exe [2011-08-19 258048]
"l1rezerv.exe"=C:\WINDOWS\l1rezerv.exe [2011-08-19 232960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-07-08 449584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"QIP Internet Guardian"=C:\Documents and Settings\xxx\Data aplikací\QipGuard\QipGuard.exe [2010-06-09 187904]
"Steam"=C:\program files\steam\steam.exe [2011-08-02 1242448]
"Octoshape Streaming Services"=C:\Documents and Settings\xxx\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
HPAiODevice(hp psc 900 series) - 1.lnk - C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\RayV\RayV\RayV.exe"="C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV"
"C:\Program Files\RayV\RayV\RayV.dll"="C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\utorrent-setup\utorrent.exe"="C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\utorrent-setup\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties"
"C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs"
"C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\Flash-Player.exe"="C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\Flash-Player.exe:*:Enabled:C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\Flash-Player.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"C:\WINDOWS\update.tray-7-0\svchost.exe"="C:\WINDOWS\update.tray-7-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0\svchost.exe"
"C:\WINDOWS\update.tray-7-0-lnk\svchost.exe"="C:\WINDOWS\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0-lnk\svchost.exe"
"C:\WINDOWS\update.2\svchost.exe"="C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe"
"C:\Program Files\Steam\steamapps\hard_cz\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\hard_cz\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"VIDC.XFR1"=xfcodec.dll

======List of files/folders created in the last 1 month======

2011-08-19 19:47:53 ----D---- C:\Program Files\trend micro
2011-08-19 19:47:51 ----D---- C:\rsit
2011-08-19 19:41:50 ----D---- C:\Documents and Settings\xxx\Data aplikací\Malwarebytes
2011-08-19 19:41:43 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-08-19 19:41:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-08-19 19:41:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-08-19 19:41:39 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-08-19 16:37:51 ----D---- C:\WINDOWS\ufa
2011-08-19 16:37:51 ----D---- C:\WINDOWS\rpcminer
2011-08-19 16:37:51 ----D---- C:\WINDOWS\phoenix
2011-08-19 16:31:13 ----A---- C:\WINDOWS\l1rezerv.exe
2011-08-19 16:30:54 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-08-19 16:29:21 ----HD---- C:\WINDOWS\update.5.0
2011-08-19 16:27:57 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-08-19 16:27:25 ----HD---- C:\WINDOWS\update.2
2011-08-19 16:27:09 ----A---- C:\WINDOWS\unrar.exe
2011-08-19 16:26:15 ----HD---- C:\WINDOWS\update.7.1
2011-08-19 16:25:30 ----A---- C:\WINDOWS\iplist.txt
2011-08-19 16:24:00 ----A---- C:\WINDOWS\sysdriver32_.exe
2011-08-19 16:23:46 ----A---- C:\WINDOWS\sysdriver32.exe
2011-08-19 16:23:29 ----A---- C:\WINDOWS\front_ip_list.txt
2011-08-19 16:23:24 ----D---- C:\WINDOWS\av_ico
2011-08-19 16:21:58 ----HD---- C:\WINDOWS\update.1
2011-08-19 16:21:49 ----HD---- C:\WINDOWS\update.tray-7-0-lnk
2011-08-19 16:21:49 ----HD---- C:\WINDOWS\update.tray-7-0
2011-08-19 16:18:21 ----A---- C:\WINDOWS\winlog-ids.txt
2011-08-19 16:18:21 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-08-09 10:23:54 ----D---- C:\Program Files\LogMeIn Hamachi
2011-07-30 19:39:18 ----A---- C:\Documents and Settings\xxx\Data aplikací\room_v3.dat
2011-07-30 18:51:12 ----D---- C:\Program Files\Garena
2011-07-30 14:14:12 ----D---- C:\Documents and Settings\xxx\Data aplikací\GameRanger
2011-07-30 14:03:55 ----A---- C:\WINDOWS\War3Unin.dat
2011-07-30 14:03:54 ----A---- C:\WINDOWS\War3Unin.pif
2011-07-30 14:03:54 ----A---- C:\WINDOWS\War3Unin.exe
2011-07-30 14:02:42 ----D---- C:\Program Files\Warcraft III
2011-07-28 23:57:03 ----A---- C:\WINDOWS\YAWLE Setup Log.txt
2011-07-28 12:43:07 ----D---- C:\Program Files\Microsoft Games
2011-07-28 11:39:57 ----D---- C:\Documents and Settings\xxx\Data aplikací\dvdcss
2011-07-22 01:14:49 ----D---- C:\Program Files\GamePark2

======List of files/folders modified in the last 1 month======

2011-08-19 19:47:53 ----RD---- C:\Program Files
2011-08-19 19:41:43 ----D---- C:\WINDOWS\system32\drivers
2011-08-19 17:54:39 ----D---- C:\Program Files\Steam
2011-08-19 16:37:51 ----D---- C:\WINDOWS
2011-08-19 16:33:30 ----SHD---- C:\System Volume Information
2011-08-19 16:32:37 ----D---- C:\WINDOWS\Temp
2011-08-19 16:28:23 ----D---- C:\WINDOWS\Prefetch
2011-08-19 16:27:50 ----D---- C:\WINDOWS\system32\drivers\etc
2011-08-19 16:24:51 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-19 16:22:08 ----A---- C:\boot.ini
2011-08-19 15:01:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-19 13:56:19 ----D---- C:\Documents and Settings\xxx\Data aplikací\Xfire
2011-08-19 12:26:42 ----D---- C:\Program Files\Xfire
2011-08-18 23:46:08 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-08-18 11:48:38 ----A---- C:\Documents and Settings\xxx\Data aplikací\burnaware.ini
2011-08-17 00:36:29 ----D---- C:\Program Files\Mozilla Firefox
2011-08-16 18:18:14 ----A---- C:\WINDOWS\wincmd.ini
2011-08-09 10:24:15 ----SHD---- C:\WINDOWS\Installer
2011-08-09 10:24:15 ----HD---- C:\Config.Msi
2011-08-08 17:16:57 ----D---- C:\WINDOWS\system32\DirectX
2011-08-08 17:16:54 ----HD---- C:\WINDOWS\inf
2011-08-08 17:16:52 ----D---- C:\WINDOWS\system32
2011-08-08 17:04:07 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-08 16:55:04 ----D---- C:\Program Files\Call of Duty
2011-08-08 13:38:48 ----D---- C:\Documents and Settings\xxx\Data aplikací\ICQ
2011-07-30 19:09:08 ----SD---- C:\WINDOWS\Tasks
2011-07-30 19:07:53 ----D---- C:\Documents and Settings\xxx\Data aplikací\OpenCandy
2011-07-30 14:21:00 ----A---- C:\WINDOWS\iun6002.exe
2011-07-28 21:01:59 ----D---- C:\Documents and Settings\xxx\Data aplikací\Skype
2011-07-28 20:28:43 ----D---- C:\Documents and Settings\xxx\Data aplikací\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-09-09 691696]
R3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-04 5075968]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 USB_RNDIS;USB Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023k.sys [2002-08-12 11136]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R4 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 a7l0ey6k;a7l0ey6k; C:\WINDOWS\system32\drivers\a7l0ey6k.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 Dot4Scan;Ovladač třídy skeneru standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 PBDOWNFORCE_SERVICE;PBDOWNFORCE_SERVICE; \??\D:\internet\COD\rider\PBDownforce.sys []
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 RivaTuner32;RivaTuner32; \??\D:\internet\RivaTuner v2.0 RC 16.1\RivaTuner32.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 vpnva;Cisco AnyConnect VPN Virtual Miniport Adapter for Windows; C:\WINDOWS\system32\DRIVERS\vpnva.sys [2010-12-20 19680]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ddservice;ddservice; C:\WINDOWS\update.7.1\svchostdriver.exe [2011-08-19 382464]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 1361288]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-16 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-08-16 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2011-08-18 214520]
R2 srvbtcclient;srvbtcclient; C:\WINDOWS\update.5.0\svchost.exe [2011-08-19 348672]
R2 srviecheck;srviecheck; C:\WINDOWS\update.2\svchost.exe [2011-08-19 632832]
R2 srvsysdriver32;srvsysdriver32; C:\WINDOWS\sysdriver32.exe [2011-08-19 258048]
R2 vpnagent;Cisco AnyConnect VPN Agent; C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-12-20 602872]
R2 wxpdrivers;wxpdrivers; C:\WINDOWS\update.1\svchost.exe [2011-08-19 1215488]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2008-01-01 136176]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2008-01-01 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: facebook virus

#2 Post by Caroprd111 »

Hello and welcome to our security forum viry.cz :welcome:

My nick is Caroprd111. I will be looking after you in this topic and will try to remove all the problems with your computer. :)
Before we start, please read the following notes.
  • If you have not done so already, back up all your important data. An infected computer is unpredictable.
  • Read the whole procedure thoroughly and carefully, then proceed step by step.
  • Please do not run any other programs on your own, especially ComboFix. You could needlessly complicate the disinfection, or even render the system unusable.
  • The absence of symptoms does not always mean the computer is clean, so keep cooperating until I write to you that the computer is fine.
  • If you do not understand something or are not sure, do not hesitate to ask me.
  • If the log is long and does not fit into one post, split it across several posts.

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe to the desktop
  • Run it, then paste the following script into the lower box.

Code:

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
*crack*
*keygen*
  • Tick the All Users option.
  • Tick the LOP Check and Purity Check options
  • Click the Scan button
  • When it finishes, paste the OTL.Txt and Extras.txt logs here

VinNystrik
Guest
Posts: 12
Registered: 19 Aug 2011 18:48

Re: facebook virus

#3 Post by VinNystrik »

First log:

OTL Extras logfile created on: 20.8.2011 12:05:28 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\xxx\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,94 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 72,56% Memory free
3,79 Gb Paging File | 3,33 Gb Available in Paging File | 87,95% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,00 Gb Total Space | 21,27 Gb Free Space | 42,53% Space Free | Partition Type: NTFS
Drive D: | 99,04 Gb Total Space | 3,69 Gb Free Space | 3,72% Space Free | Partition Type: NTFS
Drive F: | 232,88 Gb Total Space | 196,68 Gb Free Space | 84,46% Space Free | Partition Type: NTFS

Computer Name: SVIK-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"DisableThumbnailCache" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"19185:TCP" = 19185:TCP:*:Enabled:BitComet 19185 TCP
"19185:UDP" = 19185:UDP:*:Enabled:BitComet 19185 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\RayV\RayV\RayV.exe" = C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV
"C:\Program Files\RayV\RayV\RayV.dll" = C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe
"C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\utorrent-setup\utorrent.exe" = C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\utorrent-setup\utorrent.exe:*:Enabled:µTorrent
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe" = C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3 -- (Ensemble Studios)
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe" = C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties -- (Microsoft Corporation)
"C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe" = C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs -- (Ensemble Studios)
"C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\Flash-Player.exe" = C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\Flash-Player.exe:*:Enabled:C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\Flash-Player.exe
"C:\WINDOWS\update.1\svchost.exe" = C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe
"C:\WINDOWS\update.tray-7-0\svchost.exe" = C:\WINDOWS\update.tray-7-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0\svchost.exe
"C:\WINDOWS\update.tray-7-0-lnk\svchost.exe" = C:\WINDOWS\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-7-0-lnk\svchost.exe
"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe
"C:\Program Files\Steam\steamapps\hard_cz\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\hard_cz\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2BDBD1DE-2959-407F-BBC2-C9B2828CEDF2}" = HPSSupply
"{2ddce641-8776-4a1b-a397-6694457b3f8c}" = Nero 9 Essentials
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1" = GamePark klient 2.0.7.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5BE3BF62-D432-4D47-A712-CD4DF91CABFB}" = ZyXEL USB ADSL Modem/Router
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{924DAFFB-CA84-43a3-8205-A6E94461EC79}_is1" = Registry Reviver
"{99BEB67F-B288-44F5-8B2A-23F5A52FA1AE}_is1" = Universal AntiCheat 3 v1.048 r1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A253DFD0-75ED-4D8F-9AEF-9A2FD3F91384}" = Robin Hood - Legenda Sherwoodu
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4C6DD02-8ACA-4354-BA36-9FFC3B767E73}" = Cisco AnyConnect VPN Client
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Any Video Converter_is1" = Any Video Converter 3.2.7
"avast" = avast! Free Antivirus
"BSPlayerp" = BS.Player PRO
"BurnAware Free_is1" = BurnAware Free 3.0.4
"Call of Duty" = Call of Duty
"CD MP3 Burner_is1" = CD MP3 Burner 2.15
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"GameParkClient_is1" = GamePark
"GameSpy Arcade" = GameSpy Arcade
"Garena" = Garena 2010
"Google Chrome" = Google Chrome
"hp psc 900 series 1286035130" = hp psc 900 series
"ICQToolbar" = ICQ Toolbar
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{A253DFD0-75ED-4D8F-9AEF-9A2FD3F91384}" = Robin Hood - Legenda Sherwoodu
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.1.1800
"Mozilla Firefox 6.0 (x86 cs)" = Mozilla Firefox 6.0 (x86 cs)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PC Wizard 2008_is1" = PC Wizard 2008.1.80
"RivaTuner" = RivaTuner v2.0 RC 16.1
"Robin Hood: The Legend Of Sherwood" = Robin Hood: The Legend Of Sherwood
"Shop for HP Supplies" = Shop for HP Supplies
"Steam App 10" = Counter-Strike
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Ventrilo" = Ventrilo
"VLC media player" = VLC media player 1.1.4
"WinRAR archiver" = WinRAR archiver
"Xfire" = Xfire (remove only)
"X-ray Anti-Cheat" = X-ray Anti-Cheat
"Yawle_0.3b" = YAWLE 0.5b

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameRanger" = GameRanger
"Octoshape Streaming Services" = Octoshape Streaming Services
"QIP 2005" = QIP 2005 8095
"QipGuard" = QIP Internet Guardian
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 19.8.2011 4:41:38 | Computer Name = SVIK-PC | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 19.8.2011 4:41:38 | Computer Name = SVIK-PC | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 19.8.2011 4:41:38 | Computer Name = SVIK-PC | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 19.8.2011 4:41:38 | Computer Name = SVIK-PC | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 19.8.2011 4:41:38 | Computer Name = SVIK-PC | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 19.8.2011 7:57:54 | Computer Name = SVIK-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace hposts07.exe, verze 1.0.0.0, chybující modul hpodvi07.dll,
verze 2.0.0.0, adresa chyby 0x00022a79.

Error - 19.8.2011 7:58:37 | Computer Name = SVIK-PC | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 19.8.2011 10:24:27 | Computer Name = SVIK-PC | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 19.8.2011 15:29:04 | Computer Name = SVIK-PC | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 19.8.2011 15:33:29 | Computer Name = SVIK-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace mbam.exe, verze 1.51.1.1076, chybující modul ntdll.dll,
verze 5.1.2600.2180, adresa chyby 0x000106c3.

[ Cisco AnyConnect VPN Client Events ]
Error - 19.8.2011 15:26:36 | Computer Name = SVIK-PC | Source = vpnagent | ID = 67108866
Description = Function: CIpcTransport::terminateIpcConnection File: .\IPC\IPCTransport.cpp
Line:
385 Invoked Function: CSocketTransport::writeSocketBlocking Return Code: -31522805
(0xFE1F000B) Description: SOCKETTRANSPORT_ERROR_WRITE

Error - 19.8.2011 15:26:39 | Computer Name = SVIK-PC | Source = vpnagent | ID = 67110873
Description = Termination reason code 5: The user is logging off the system.

Error - 19.8.2011 15:27:48 | Computer Name = SVIK-PC | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2484 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 19.8.2011 15:27:48 | Computer Name = SVIK-PC | Source = vpnagent | ID = 67108866
Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line:
2188 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 19.8.2011 15:27:48 | Computer Name = SVIK-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp
Line:
7578 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 19.8.2011 15:27:48 | Computer Name = SVIK-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::MainLoop File: .\MainThread.cpp Line: 325 Invoked
Function: CMainThread::applyHostConfigForNoVpn Return Code: -33095647 (0xFE070021)
Description:
ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 20.8.2011 5:58:28 | Computer Name = SVIK-PC | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2484 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 20.8.2011 5:58:28 | Computer Name = SVIK-PC | Source = vpnagent | ID = 67108866
Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line:
2188 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 20.8.2011 5:58:28 | Computer Name = SVIK-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp
Line:
7578 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 20.8.2011 5:58:28 | Computer Name = SVIK-PC | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::MainLoop File: .\MainThread.cpp Line: 325 Invoked
Function: CMainThread::applyHostConfigForNoVpn Return Code: -33095647 (0xFE070021)
Description:
ROUTETABLE_ERROR_GETBESTROUTE_FAILED

[ System Events ]
Error - 19.8.2011 10:21:59 | Computer Name = SVIK-PC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 19.8.2011 10:22:14 | Computer Name = SVIK-PC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 19.8.2011 10:24:45 | Computer Name = SVIK-PC | Source = Service Control Manager | ID = 7000
Description = Služba Nero BackItUp Scheduler 4.0 neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 19.8.2011 10:37:19 | Computer Name = SVIK-PC | Source = BROWSER | ID = 8032
Description = Službě Browser se při přenosu \Device\NetBT_Tcpip_{C121E927-C79B-4ED5-9727-AD3F87CA815E}
příliš často nezdařilo načíst záložní seznam. Záložní prohledávač bude ukončen.

Error - 19.8.2011 15:26:15 | Computer Name = SVIK-PC | Source = Service Control Manager | ID = 7034
Description = Služba wxpdrivers byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 19.8.2011 15:26:15 | Computer Name = SVIK-PC | Source = Service Control Manager | ID = 7034
Description = Služba srvsysdriver32 byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 19.8.2011 15:26:15 | Computer Name = SVIK-PC | Source = Service Control Manager | ID = 7034
Description = Služba srviecheck byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 19.8.2011 15:26:15 | Computer Name = SVIK-PC | Source = Service Control Manager | ID = 7034
Description = Služba srvbtcclient byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 19.8.2011 15:29:21 | Computer Name = SVIK-PC | Source = Service Control Manager | ID = 7000
Description = Služba Nero BackItUp Scheduler 4.0 neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 20.8.2011 5:59:54 | Computer Name = SVIK-PC | Source = Service Control Manager | ID = 7000
Description = Služba Nero BackItUp Scheduler 4.0 neuspěla při spuštění v důsledku
následující chyby: %%2


< End of report >

VinNystrik
Guest
Posts: 12
Registered: 19 Aug 2011 18:48

Re: facebook virus

#4 Post by VinNystrik »

Second log:

OTL logfile created on: 20.8.2011 12:05:28 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\xxx\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,94 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 72,56% Memory free
3,79 Gb Paging File | 3,33 Gb Available in Paging File | 87,95% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,00 Gb Total Space | 21,27 Gb Free Space | 42,53% Space Free | Partition Type: NTFS
Drive D: | 99,04 Gb Total Space | 3,69 Gb Free Space | 3,72% Space Free | Partition Type: NTFS
Drive F: | 232,88 Gb Total Space | 196,68 Gb Free Space | 84,46% Space Free | Partition Type: NTFS

Computer Name: SVIK-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.08.20 12:03:50 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
PRC - [2011.08.19 16:26:13 | 000,382,464 | ---- | M] () -- C:\WINDOWS\update.7.1\svchostdriver.exe
PRC - [2011.08.17 00:36:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.08.04 14:34:46 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.08.02 14:01:50 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam.exe
PRC - [2010.12.20 17:57:04 | 000,602,872 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.06.09 18:35:10 | 000,187,904 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\QipGuard\QipGuard.exe
PRC - [2004.08.17 17:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002.09.26 15:38:02 | 000,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hpofxm07.exe
PRC - [2002.09.26 15:18:18 | 000,294,912 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hposts07.exe
PRC - [2002.09.26 15:04:02 | 000,299,008 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hpoevm07.exe
PRC - [2002.09.26 14:40:00 | 000,487,484 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe


========== Modules (No Company Name) ==========

MOD - [2011.08.19 16:26:13 | 000,382,464 | ---- | M] () -- C:\WINDOWS\update.7.1\svchostdriver.exe
MOD - [2011.08.17 00:36:02 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.08.03 01:17:52 | 014,401,832 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2011.08.03 01:17:45 | 000,914,216 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-52.dll
MOD - [2011.08.03 01:17:45 | 000,190,248 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2011.08.03 01:17:45 | 000,155,432 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-52.dll
MOD - [2011.08.03 01:17:45 | 000,091,432 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-50.dll
MOD - [2011.04.19 10:26:55 | 006,053,536 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
MOD - [2010.06.09 18:35:10 | 000,187,904 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\QipGuard\QipGuard.exe
MOD - [2010.03.15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2004.08.17 17:49:12 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2002.09.26 15:37:30 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hpopxs07.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Nero BackItUp Scheduler 4.0)
SRV - [2011.08.19 16:26:13 | 000,382,464 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.7.1\svchostdriver.exe -- (ddservice)
SRV - [2011.08.04 14:34:46 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.12.20 17:57:04 | 000,602,872 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)


========== Driver Services (SafeList) ==========

DRV - [2011.08.18 23:46:22 | 000,137,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2010.12.20 17:43:42 | 000,019,680 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vpnva.sys -- (vpnva)
DRV - [2010.09.09 16:17:43 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.02.03 16:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.05.04 18:22:54 | 005,075,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.08.18 19:54:24 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008.08.05 21:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.08.01 12:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008.08.01 12:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.10.23 09:00:00 | 000,008,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\internet\RivaTuner v2.0 RC 16.1\RivaTuner32.sys -- (RivaTuner32)
DRV - [2006.05.13 17:54:11 | 000,020,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\internet\COD\rider\PBDownForce.sys -- (PBDOWNFORCE_SERVICE)
DRV - [2006.01.04 16:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2002.08.12 16:20:22 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023k.sys -- (USB_RNDIS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.9&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Documents and Settings\xxx\Data aplikací\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.17 00:36:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.19 17:36:22 | 000,000,000 | ---D | M]

[2010.08.16 18:38:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Extensions
[2011.08.01 18:03:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions
[2010.10.29 07:29:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2011.07.22 20:12:31 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.07.31 01:28:07 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com
[2010.10.31 20:17:36 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\daemon-search.xml
[2011.08.15 18:16:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\icqplugin-1.xml
[2011.03.10 20:10:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\icqplugin-2.xml
[2011.03.24 18:36:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\icqplugin-3.xml
[2010.12.05 12:15:49 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\icqplugin.xml
[2010.08.16 18:45:53 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\qip-search.xml
[2011.04.15 21:02:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\XXX\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\MFZK786T.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\XXX\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\MFZK786T.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
[2010.08.16 17:44:10 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.08.17 00:36:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.02.21 12:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2011.06.24 21:38:38 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.06.24 21:38:38 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.06.24 21:38:38 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.06.24 21:38:38 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.06.24 21:38:38 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.08.19 16:27:50 | 000,202,984 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 127.0.0.1 tl-ph.facebook.com
O1 - Hosts: 127.0.0.1 fo-fo.facebook.com
O1 - Hosts: 127.0.0.1 fr-fr.facebook.com
O1 - Hosts: 127.0.0.1 fy-nl.facebook.com
O1 - Hosts: 127.0.0.1 ga-ie.facebook.com
O1 - Hosts: 127.0.0.1 gl-es.facebook.com
O1 - Hosts: 127.0.0.1 ko-kr.facebook.com
O1 - Hosts: 50053 more lines...
O2 - BHO: (QipLI Class) - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll (TODO: <Company name>)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-527237240-73586283-682003330-1001\..\Toolbar\ShellBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-527237240-73586283-682003330-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-527237240-73586283-682003330-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [1746660.exe] C:\Documents and Settings\xxx\Local Settings\Temp\1746660.exe ()
O4 - HKLM..\Run: [4540450.exe] C:\WINDOWS\TEMP\4540450.exe ()
O4 - HKLM..\Run: [5201822.exe] C:\Documents and Settings\xxx\Local Settings\Temp\5201822.exe ()
O4 - HKLM..\Run: [5467369.exe] C:\WINDOWS\TEMP\5467369.exe ()
O4 - HKLM..\Run: [8644823.exe] C:\WINDOWS\TEMP\8644823.exe ()
O4 - HKLM..\Run: [95670953-loader2.exe] C:\WINDOWS\TEMP\95670953-loader2.exe ()
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast5] File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [sysdriver32.exe] File not found
O4 - HKLM..\Run: [sysdriver32_.exe] File not found
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [wxpdrv] File not found
O4 - HKU\S-1-5-21-527237240-73586283-682003330-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-527237240-73586283-682003330-1001..\Run: [Octoshape Streaming Services] C:\Documents and Settings\xxx\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKU\S-1-5-21-527237240-73586283-682003330-1001..\Run: [QIP Internet Guardian] C:\Documents and Settings\xxx\Data aplikací\QipGuard\QipGuard.exe ()
O4 - HKU\S-1-5-21-527237240-73586283-682003330-1001..\Run: [Steam] C:\program files\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HPAiODevice(hp psc 900 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.01.01 01:17:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6ecc4186-bc3c-11df-85d0-00012e2af277}\Shell - "" = AutoRun
O33 - MountPoints2\{6ecc4186-bc3c-11df-85d0-00012e2af277}\Shell\AutoRun\command - "" = F:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XFR1 - C:\WINDOWS\System32\xfcodec.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.08.20 12:03:47 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
[2011.08.19 19:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.08.19 19:47:51 | 000,000,000 | ---D | C] -- C:\rsit
[2011.08.19 19:41:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\Malwarebytes
[2011.08.19 19:41:43 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.08.19 19:41:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.08.19 19:41:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.08.19 19:41:39 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.08.19 19:41:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.08.19 16:37:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
[2011.08.19 16:37:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\rpcminer
[2011.08.19 16:37:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix
[2011.08.19 16:29:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0
[2011.08.19 16:27:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2
[2011.08.19 16:27:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\WinRAR
[2011.08.19 16:26:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.7.1
[2011.08.19 16:23:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
[2011.08.19 16:21:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1
[2011.08.19 16:21:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0-lnk
[2011.08.19 16:21:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0
[2011.08.18 10:38:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Plocha\Voda-hudba
[2011.08.09 10:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011.08.09 10:23:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn Hamachi
[2011.08.08 17:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\The Witcher
[2011.07.30 19:08:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Uniblue
[2011.07.30 18:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Nabídka Start\Programy\Garena
[2011.07.30 18:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\Garena
[2011.07.30 14:14:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\GameRanger
[2011.07.30 14:03:54 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2011.07.30 14:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Nabídka Start\Programy\Warcraft III
[2011.07.30 14:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Warcraft III
[2011.07.28 23:57:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\YAWLE
[2011.07.28 12:47:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Dokumenty\My Games
[2011.07.28 12:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2011.07.28 11:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\dvdcss
[2011.07.22 01:14:49 | 000,000,000 | ---D | C] -- C:\Program Files\GamePark2
[2011.07.22 01:14:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\GamePark2
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.08.20 12:06:28 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.08.20 12:03:50 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
[2011.08.20 12:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.08.20 11:58:31 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.20 11:58:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.08.19 22:08:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.19 20:09:48 | 133,253,315 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Voda-hudba.rar
[2011.08.19 19:41:43 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.08.19 18:11:05 | 000,050,994 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\room_v3.dat
[2011.08.19 16:37:50 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar
[2011.08.19 16:37:50 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe
[2011.08.19 16:37:50 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar
[2011.08.19 16:37:49 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar
[2011.08.19 16:32:40 | 000,000,177 | ---- | M] () -- C:\WINDOWS\info1
[2011.08.19 16:27:50 | 000,202,984 | -H-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.08.19 16:27:50 | 000,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hîsts
[2011.08.19 16:27:09 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar
[2011.08.19 16:25:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok
[2011.08.19 16:23:40 | 000,001,704 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2011.08.19 16:22:08 | 000,000,215 | ---- | M] () -- C:\boot.ini
[2011.08.18 23:46:22 | 000,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.08.18 23:46:09 | 000,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011.08.18 23:40:47 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Universal Anticheat 3.lnk
[2011.08.18 11:48:38 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\burnaware.ini
[2011.08.17 00:36:10 | 000,179,200 | ---- | M] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.16 18:18:14 | 000,001,426 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.08.14 17:26:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.08.11 15:35:19 | 000,000,889 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Any Video Converter.lnk
[2011.08.10 02:09:00 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.08.09 10:23:55 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\LogMeIn Hamachi.lnk
[2011.08.07 21:13:42 | 000,239,667 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\longer.JPG
[2011.07.30 18:51:26 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Garena.lnk
[2011.07.30 14:21:09 | 000,001,559 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Yet Another Warcraft LAN Emulator.lnk
[2011.07.30 14:21:00 | 000,729,088 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2011.07.30 14:08:50 | 000,078,090 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2011.07.30 14:08:04 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2011.07.30 14:08:04 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2011.07.28 20:28:36 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.07.22 01:14:49 | 000,000,677 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\GamePark klient 2.lnk
[2011.07.22 01:14:49 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\GamePark klient 2.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.20 12:06:28 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.08.19 20:08:44 | 133,253,315 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Voda-hudba.rar
[2011.08.19 19:41:43 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.08.19 16:37:50 | 000,182,617 | ---- | C] () -- C:\WINDOWS\ufa.rar
[2011.08.19 16:37:49 | 005,589,370 | ---- | C] () -- C:\WINDOWS\phoenix.rar
[2011.08.19 16:37:49 | 001,075,284 | ---- | C] () -- C:\WINDOWS\rpcminer.rar
[2011.08.19 16:27:10 | 004,636,907 | ---- | C] () -- C:\WINDOWS\geoiplist
[2011.08.19 16:27:09 | 000,904,792 | ---- | C] () -- C:\WINDOWS\geoiplist.rar
[2011.08.19 16:27:09 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
[2011.08.19 16:26:15 | 000,000,177 | ---- | C] () -- C:\WINDOWS\info1
[2011.08.19 16:25:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok
[2011.08.07 21:13:42 | 000,239,667 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\longer.JPG
[2011.07.30 19:39:18 | 000,050,994 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\room_v3.dat
[2011.07.30 18:51:26 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Garena.lnk
[2011.07.30 14:21:09 | 000,001,559 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Yet Another Warcraft LAN Emulator.lnk
[2011.07.30 14:14:25 | 000,001,008 | ---- | C] () -- C:\Documents and Settings\xxx\Nabídka Start\Programy\GameRanger.lnk
[2011.07.30 14:03:55 | 000,078,090 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2011.07.30 14:03:54 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif
[2011.07.22 01:14:49 | 000,001,531 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\GamePark klient 2.lnk
[2011.07.22 01:14:49 | 000,000,677 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\GamePark klient 2.lnk
[2011.07.22 01:14:49 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\GamePark klient 2.lnk
[2011.04.08 13:32:12 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2011.02.18 14:07:35 | 000,000,745 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2011.01.05 16:14:15 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.12.23 23:02:07 | 000,000,098 | ---- | C] () -- C:\WINDOWS\vypalovac.ini
[2010.11.18 17:19:00 | 000,001,482 | ---- | C] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\RecConfig.xml
[2010.11.13 01:29:52 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\burnaware.ini
[2010.11.13 01:10:15 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2010.10.23 18:35:15 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.10.02 17:58:51 | 000,002,670 | ---- | C] () -- C:\WINDOWS\DevMgr.ini
[2010.09.18 18:34:10 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2010.09.18 18:22:32 | 000,074,231 | ---- | C] () -- C:\WINDOWS\hpqins16.dat
[2010.08.23 17:05:57 | 000,179,200 | ---- | C] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.16 20:32:58 | 000,233,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.08.16 20:32:56 | 000,233,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.08.16 20:32:56 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.08.16 20:32:24 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010.08.16 19:53:26 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.08.16 19:53:19 | 000,214,520 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.08.16 19:53:11 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.08.16 19:32:47 | 000,000,287 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.08.16 18:37:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.08.16 18:19:44 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\tcusbdrv.dll
[2008.01.01 02:34:00 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.01.01 02:33:53 | 000,001,426 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.01.01 02:29:03 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2008.01.01 01:56:45 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.01.01 01:55:36 | 000,266,208 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.01.01 01:39:14 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2008.01.01 01:37:26 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.01.01 01:28:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.01.01 01:14:49 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 12:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.10.14 12:56:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2004.08.17 17:58:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004.08.17 17:49:10 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004.08.02 16:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003.04.09 16:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.09.26 15:48:46 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\win2000.dll
[2001.10.25 16:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 16:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 16:00:00 | 000,351,080 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 16:00:00 | 000,350,270 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 16:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 16:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 16:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 16:00:00 | 000,059,960 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 16:00:00 | 000,051,358 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 16:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 16:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 16:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 16:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 16:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2010.11.04 19:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Age of Empires 3
[2010.10.02 18:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Cisco
[2010.09.09 16:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.11.13 22:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.02.11 15:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MSScanAppDataDir
[2010.08.23 20:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.08.17 10:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Allstar
[2010.08.23 20:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\AnvSoft
[2010.10.28 12:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\BitComet
[2010.10.08 17:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\BSplayer PRO
[2010.09.09 20:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\DAEMON Tools Lite
[2011.07.30 14:14:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\GameRanger
[2011.08.08 13:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\ICQ
[2010.10.10 11:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Octoshape
[2011.07.30 19:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\OpenCandy
[2010.08.16 18:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\QipGuard
[2011.03.19 12:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\RayV
[2011.05.15 12:51:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\TS3Client
[2010.11.05 12:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\uTorrent
[2011.08.20 12:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 17:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
"QIP Internet Guardian" = C:\Documents and Settings\xxx\Data aplikací\QipGuard\QipGuard.exe -- [2010.06.09 18:35:10 | 000,187,904 | ---- | M] ()
"Steam" = "C:\program files\steam\steam.exe" -silent -- [2011.08.02 14:01:50 | 001,242,448 | ---- | M] (Valve Corporation)
"Octoshape Streaming Services" = "C:\Documents and Settings\xxx\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun -- [2009.01.08 15:44:06 | 000,070,936 | ---- | M] (Octoshape ApS)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)


< MD5 for: ATAPI.SYS >
[2004.08.17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2004.08.17 17:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 17:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.04 00:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CSRSS.EXE >
[2004.08.17 17:49:24 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\system32\csrss.exe
[2004.08.17 17:49:24 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\system32\dllcache\csrss.exe

< MD5 for: EXPLORER.EXE >
[2004.08.17 17:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 17:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: LSASS.EXE >
[2004.08.17 17:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 17:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.04 01:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.04 01:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NTFS.SYS >
[2004.08.04 01:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2004.08.04 01:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\system32\drivers\ntfs.sys

< MD5 for: SCECLI.DLL >
[2004.08.17 17:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 17:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2004.08.17 17:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\system32\dllcache\services.exe
[2004.08.17 17:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\system32\services.exe

< MD5 for: SMSS.EXE >
[2004.08.17 17:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 17:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2004.08.17 17:49:28 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2004.08.17 17:49:28 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\system32\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2004.08.17 17:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 17:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2004.08.04 01:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.04 01:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 17:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 17:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 17:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 17:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2003.06.19 02:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\system32\drivers\*.sys /5 >
[2011.08.18 23:46:22 | 000,137,464 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys

< %systemroot%\system32\drivers\*.sys /X >
[2001.10.25 16:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001.10.25 16:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2008.07.08 02:45:58 | 000,004,984 | ---- | M] () -- C:\WINDOWS\system32\drivers\nvphy.bin
[2008.05.20 18:46:08 | 000,000,008 | ---- | M] () -- C:\WINDOWS\system32\drivers\rtkhdaud.dat

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.09.09 16:17:43 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2011.08.18 23:46:08 | 000,214,520 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
[2011.08.18 23:46:09 | 000,214,520 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.xtr
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2008.01.01 01:54:53 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.01.01 01:54:53 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.01.01 01:54:53 | 000,471,040 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[18 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2010.11.13 01:20:52 | 000,000,041 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\.zreglib
[2008.01.01 02:20:27 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2010.09.18 18:28:21 | 000,000,605 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\hpzinstall.log

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2010.09.04 10:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Adobe
[2010.08.17 10:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Allstar
[2010.08.23 20:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\AnvSoft
[2010.10.28 12:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\BitComet
[2010.10.08 17:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\BSplayer PRO
[2010.09.09 20:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\DAEMON Tools Lite
[2011.07.28 11:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\dvdcss
[2011.07.30 14:14:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\GameRanger
[2010.11.06 20:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Hamachi
[2011.08.08 13:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\ICQ
[2008.01.01 01:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Identities
[2008.01.01 02:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Macromedia
[2011.08.19 19:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Malwarebytes
[2011.06.29 16:06:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Media Player Classic
[2011.05.04 19:08:03 | 000,000,000 | --SD | M] -- C:\Documents and Settings\xxx\Data aplikací\Microsoft
[2010.10.23 18:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Microsoft Web Folders
[2011.06.24 13:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\mIRC
[2010.10.10 11:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Mozilla
[2010.11.13 01:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Nero
[2010.10.10 11:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Octoshape
[2011.07.30 19:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\OpenCandy
[2010.08.16 18:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\QipGuard
[2011.03.19 12:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\RayV
[2011.05.14 19:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Real
[2011.07.28 21:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Skype
[2011.07.28 20:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\skypePM
[2010.08.16 17:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Sun
[2010.09.10 17:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\teamspeak2
[2011.05.15 12:51:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\TS3Client
[2010.11.05 12:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\uTorrent
[2010.08.16 18:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Ventrilo
[2011.04.18 23:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\vlc
[2010.08.16 19:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\WinRAR
[2011.08.19 13:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Xfire

< %APPDATA%\*.* >
[2011.08.18 11:48:38 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\burnaware.ini
[2008.01.01 02:20:27 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\xxx\Data aplikací\desktop.ini
[2011.08.19 18:11:05 | 000,050,994 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\room_v3.dat

< %APPDATA%\*.exe /s >
[2011.06.24 18:46:03 | 001,449,696 | ---- | M] (GameRanger Technologies) -- C:\Documents and Settings\xxx\Data aplikací\GameRanger\GameRanger\GameRanger.exe
[2011.05.28 15:02:34 | 003,486,088 | ---- | M] (Ask) -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
[2009.01.08 15:44:06 | 000,070,936 | ---- | M] (Octoshape ApS) -- C:\Documents and Settings\xxx\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
[2011.05.14 19:08:25 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\OpenCandy\OpenCandy_0E6D298F36384FCEB7BC317CB5C5055C\LatestDLMgr.exe
[2011.05.14 19:08:30 | 000,686,840 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\OpenCandy\OpenCandy_0E6D298F36384FCEB7BC317CB5C5055C\RealPlayer_p1v2.exe
[2011.06.09 21:03:56 | 005,845,528 | ---- | M] (Uniblue Systems Ltd ) -- C:\Documents and Settings\xxx\Data aplikací\OpenCandy\OpenCandy_120A6F8C10B742E6868AA6565C4A3EF1\driverscanner (33).exe
[2011.07.30 19:07:54 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\OpenCandy\OpenCandy_120A6F8C10B742E6868AA6565C4A3EF1\LatestDLMgr.exe
[2011.05.06 11:59:36 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\OpenCandy\OpenCandy_17899D454F9F43649EBA8E6166A7376E\LatestDLMgr.exe
[2011.02.09 20:12:20 | 004,447,072 | ---- | M] (ReviverSoft ) -- C:\Documents and Settings\xxx\Data aplikací\OpenCandy\OpenCandy_17899D454F9F43649EBA8E6166A7376E\RegistryReviverSetup-afl_.exe
[2011.02.09 21:04:30 | 000,059,688 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\OpenCandy\OpenCandy_17899D454F9F43649EBA8E6166A7376E\RevStarter.exe
[2010.06.09 18:35:10 | 000,187,904 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\QipGuard\QipGuard.exe

< %SYSTEMDRIVE%\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=AlwaysOff /fastdetect

< *crack* >

< *keygen* >

< End of report >

VinNystrik
Visitor
Posts: 12
Registered: 19 Aug 2011 18:48

Re: facebook virus

#5 Post by VinNystrik »

And I'd also like to ask whether it wouldn't be simpler to reinstall the whole system. If it could be solved that way, I'd gladly save you the work and reinstall the whole thing.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Residence: Třebíč

Re: facebook virus

#6 Post by Caroprd111 »

VinNystrik wrote: And I'd also like to ask whether it wouldn't be simpler to reinstall the whole system. If it could be solved that way, I'd gladly save you the work and reinstall the whole thing.
It would be simpler, but I'm not here to advise you to reinstall the system. :wink: Please wait; I'll look at the log and write up a fix. We'll definitely get the PC back in shape. :)

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Residence: Třebíč

Re: facebook virus

#7 Post by Caroprd111 »

:arrow: Run OTL again and paste the following script into the lower white box. Then click Fix; the PC will restart. Paste the resulting log here.

Code:

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

:OTL
MOD - [2011.08.19 16:26:13 | 000,382,464 | ---- | M] () -- C:\WINDOWS\update.7.1\svchostdriver.exe
MOD - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
SRV - File not found [Auto | Stopped] -- -- (Nero BackItUp Scheduler 4.0)
SRV - [2011.08.19 16:26:13 | 000,382,464 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.7.1\svchostdriver.exe -- (ddservice)
SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-527237240-73586283-682003330-1001\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
[2011.07.31 01:28:07 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com
[2010.10.31 20:17:36 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\daemon-search.xml
[2011.08.15 18:16:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\icqplugin-1.xml
[2011.03.10 20:10:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\icqplugin-2.xml
[2011.03.24 18:36:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\icqplugin-3.xml
[2010.12.05 12:15:49 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\icqplugin.xml
[2010.08.16 18:45:53 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\qip-search.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\XXX\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\MFZK786T.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
O2 - BHO: (QipLI Class) - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll (TODO: <Company name>)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-527237240-73586283-682003330-1001\..\Toolbar\ShellBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-527237240-73586283-682003330-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-527237240-73586283-682003330-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [1746660.exe] C:\Documents and Settings\xxx\Local Settings\Temp\1746660.exe ()
O4 - HKLM..\Run: [4540450.exe] C:\WINDOWS\TEMP\4540450.exe ()
O4 - HKLM..\Run: [5201822.exe] C:\Documents and Settings\xxx\Local Settings\Temp\5201822.exe ()
O4 - HKLM..\Run: [5467369.exe] C:\WINDOWS\TEMP\5467369.exe ()
O4 - HKLM..\Run: [8644823.exe] C:\WINDOWS\TEMP\8644823.exe ()
O4 - HKLM..\Run: [95670953-loader2.exe] C:\WINDOWS\TEMP\95670953-loader2.exe ()
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [sysdriver32.exe] File not found
O4 - HKLM..\Run: [sysdriver32_.exe] File not found
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [wxpdrv] File not found
O31 - SafeBoot: AlternateShell - services32.exe
[2011.08.19 16:37:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
[2011.08.19 16:37:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\rpcminer
[2011.08.19 16:37:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix
[2011.08.19 16:29:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0
[2011.08.19 16:27:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2
[2011.08.20 12:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.08.19 16:37:50 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar
[2011.08.19 16:37:50 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe
[2011.08.19 16:37:50 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar
[2011.08.19 16:37:49 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar
[2011.08.19 16:32:40 | 000,000,177 | ---- | M] () -- C:\WINDOWS\info1
[2011.08.19 16:27:09 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar
[2011.08.19 16:25:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok
[2011.08.19 16:37:50 | 000,182,617 | ---- | C] () -- C:\WINDOWS\ufa.rar
[2011.08.19 16:37:49 | 005,589,370 | ---- | C] () -- C:\WINDOWS\phoenix.rar
[2011.08.19 16:37:49 | 001,075,284 | ---- | C] () -- C:\WINDOWS\rpcminer.rar
[2011.08.19 16:27:10 | 004,636,907 | ---- | C] () -- C:\WINDOWS\geoiplist
[2011.08.19 16:27:09 | 000,904,792 | ---- | C] () -- C:\WINDOWS\geoiplist.rar
[2011.08.19 16:27:09 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
[2011.08.19 16:26:15 | 000,000,177 | ---- | C] () -- C:\WINDOWS\info1
[2011.08.19 16:25:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok
[2011.08.19 16:26:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.7.1
[2011.08.19 16:23:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
[2011.08.19 16:21:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1
[2011.08.19 16:21:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0-lnk
[2011.08.19 16:21:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0
[2010.08.23 20:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.05.28 15:02:34 | 003,486,088 | ---- | M] (Ask) -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe

:Files
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\ICQ6Toolbar
C:\Program Files\Ask.com
C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\Flash-Player.exe

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" =-
"DAEMON Tools Toolbar" =-
"ICQToolbar" =-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\Flash-Player.exe" =-
"C:\WINDOWS\update.1\svchost.exe" =-
"C:\WINDOWS\update.tray-7-0\svchost.exe" =-
"C:\WINDOWS\update.tray-7-0-lnk\svchost.exe" =-
"C:\WINDOWS\update.2\svchost.exe" =-

VinNystrik
Visitor
Posts: 12
Registered: 19 Aug 2011 18:48

Re: facebook virus

#8 Post by VinNystrik »

I did everything according to the instructions; here is the log:

All processes killed
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 643442 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 2661059 bytes
->Google Chrome cache emptied: 6297218 bytes
->Flash cache emptied: 502 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 1638976 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: xxx
->Temp folder emptied: 1462105313 bytes
->Temporary Internet Files folder emptied: 145572856 bytes
->Java cache emptied: 726420 bytes
->FireFox cache emptied: 107021337 bytes
->Google Chrome cache emptied: 258895456 bytes
->Flash cache emptied: 70567 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 4229168 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17654693 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 590525 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 6918734 bytes

Total Files Cleaned = 1 922,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: xxx
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
========== OTL ==========
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
Service ddservice stopped successfully!
Service ddservice deleted successfully!
C:\WINDOWS\update.7.1\svchostdriver.exe moved successfully.
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files\ICQ6Toolbar\ICQ Service.exe moved successfully.
HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-527237240-73586283-682003330-1001\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-527237240-73586283-682003330-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-527237240-73586283-682003330-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-527237240-73586283-682003330-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.1.9&q=" removed from keyword.URL
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\datastore folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-01-Jun-2011-18-19-00-GMT folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-30-Jul-2011-18-30-09-GMT folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-28-Mar-2011-18-01-37-GMT folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-29-Apr-2011-09-21-27-GMT folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-27-May-2011-11-57-51-GMT folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-20-May-2011-22-22-36-GMT folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com folder moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\daemon-search.xml moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\searchplugins\qip-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}\ deleted successfully.
C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
File C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
File C:\Documents and Settings\xxx\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-527237240-73586283-682003330-1001\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-527237240-73586283-682003330-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-527237240-73586283-682003330-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1746660.exe deleted successfully.
File C:\Documents and Settings\xxx\Local Settings\Temp\1746660.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4540450.exe deleted successfully.
File C:\WINDOWS\TEMP\4540450.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5201822.exe deleted successfully.
File C:\Documents and Settings\xxx\Local Settings\Temp\5201822.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5467369.exe deleted successfully.
File C:\WINDOWS\TEMP\5467369.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8644823.exe deleted successfully.
File C:\WINDOWS\TEMP\8644823.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\95670953-loader2.exe deleted successfully.
File C:\WINDOWS\TEMP\95670953-loader2.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Program Files\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32_.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico1 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico3 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico4 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\wxpdrv deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\\AlternateShell deleted successfully.
C:\WINDOWS\ufa folder moved successfully.
C:\WINDOWS\rpcminer folder moved successfully.
C:\WINDOWS\phoenix\kernels\poclbm folder moved successfully.
C:\WINDOWS\phoenix\kernels\phatk folder moved successfully.
C:\WINDOWS\phoenix\kernels folder moved successfully.
C:\WINDOWS\phoenix folder moved successfully.
C:\WINDOWS\update.5.0 folder moved successfully.
C:\WINDOWS\update.2 folder moved successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\WINDOWS\phoenix.rar moved successfully.
C:\WINDOWS\unrar.exe moved successfully.
C:\WINDOWS\ufa.rar moved successfully.
C:\WINDOWS\rpcminer.rar moved successfully.
C:\WINDOWS\info1 moved successfully.
C:\WINDOWS\geoiplist.rar moved successfully.
C:\WINDOWS\loader2.exe_ok moved successfully.
File C:\WINDOWS\ufa.rar not found.
File C:\WINDOWS\phoenix.rar not found.
File C:\WINDOWS\rpcminer.rar not found.
C:\WINDOWS\geoiplist moved successfully.
File C:\WINDOWS\geoiplist.rar not found.
File C:\WINDOWS\unrar.exe not found.
File C:\WINDOWS\info1 not found.
File C:\WINDOWS\loader2.exe_ok not found.
C:\WINDOWS\update.7.1 folder moved successfully.
C:\WINDOWS\av_ico folder moved successfully.
C:\WINDOWS\update.1 folder moved successfully.
C:\WINDOWS\update.tray-7-0-lnk folder moved successfully.
C:\WINDOWS\update.tray-7-0 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP folder moved successfully.
File C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe not found.
========== FILES ==========
C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
C:\Program Files\ICQ6Toolbar folder moved successfully.
C:\Program Files\Ask.com\Updater folder moved successfully.
C:\Program Files\Ask.com\assets\oobe folder moved successfully.
C:\Program Files\Ask.com\assets folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
File\Folder C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\Flash-Player.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{86D4B82A-ABED-442A-BE86-96357B70F4FE} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\DAEMON Tools Toolbar not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\ICQToolbar not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\Flash-Player.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.1\svchost.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.tray-7-0\svchost.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.tray-7-0-lnk\svchost.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.2\svchost.exe deleted successfully.

OTL by OldTimer - Version 3.2.26.5 log created on 08202011_132201

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
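
A triage pass over the log format used in this thread, as an added example that is not part of the forum posts and is not code from OTL, RSIT or HijackThis. The OTL run above shows the pattern worth encoding: several copies of a file called svchost.exe living in ad-hoc subfolders such as C:\WINDOWS\update.1 and C:\WINDOWS\update.tray-7-0, HKLM Run values with random numeric names pointing into Temp folders, and Windows Firewall exceptions granted to exactly those files. The phoenix, poclbm, phatk and rpcminer folders OTL moved are the names of Bitcoin mining software, which points to the machine having been used for mining. The sample lines below are constructed in the RSIT/HijackThis layout (the suspicious entries are modelled on what OTL removed, not copied from a real scan), and the rule names and the five-digit threshold are this example's own choices.

```python
"""Triage rules for RSIT/HijackThis-style log lines (added example)."""
import re

# Constructed sample lines in the layout RSIT/HijackThis print. The clean
# entries are typical; the suspicious ones are modelled on what the OTL fix
# in this thread removed, not copied from a real scan.
SAMPLE_LOG = [
    r"Running processes:",
    r"C:\WINDOWS\System32\smss.exe",
    r"C:\WINDOWS\system32\svchost.exe",
    r"C:\WINDOWS\update.tray-7-0\svchost.exe",
    r"C:\Program Files\Mozilla Firefox\firefox.exe",
    r'O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui',
    r"O4 - HKLM\..\Run: [1746660.exe] C:\Documents and Settings\xxx\Local Settings\Temp\1746660.exe",
    r"O4 - HKLM\..\Run: [95670953-loader2.exe] C:\WINDOWS\TEMP\95670953-loader2.exe",
    r"O4 - HKLM\..\Run: [tray_ico] C:\WINDOWS\update.tray-7-0\svchost.exe",
    r'O4 - HKCU\..\Run: [Steam] "C:\program files\steam\steam.exe" -silent',
    r'"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"',
    r'"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:svchost"',
]

O4_RE = re.compile(r"^O4 - \S+: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")  # Run autoruns
FW_RE = re.compile(r'^"(?P<path>[^"]+)"="[^"]*:\*:(?P<state>Enabled|Disabled):', re.I)  # firewall list
PROC_RE = re.compile(r"^[A-Za-z]:\\.+\.exe$", re.I)  # one line of "Running processes"
PATH_RE = re.compile(r'"([^"]+)"|([A-Za-z]:\\.+?\.(?:exe|dll))(?=[\s,]|$)', re.I)

# Names that belong in System32; a copy anywhere else is masquerading.
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe", "services.exe", "smss.exe"}
SYSTEM32 = "c:\\windows\\system32\\"
TEMP_MARKERS = ("\\local settings\\temp\\", "\\windows\\temp\\")
# Executable in an ad-hoc subfolder of C:\WINDOWS (update.1, update.tray-7-0, ...).
WINDIR_SUBDIR = re.compile(r"^c:\\windows\\(?!system32\\|syswow64\\|temp\\)[^\\]+\\")
# 1746660.exe, 95670953-loader2.exe: five or more digits as the file name.
NUMERIC_NAME = re.compile(r"^\d{5,}(?:-\w+)?\.exe$")


def extract_path(command):
    """Executable path from a Run value: the quoted path if present, else
    the leading drive-rooted path up to the first .exe/.dll."""
    m = PATH_RE.search(command)
    return (m.group(1) or m.group(2)) if m else None


def classify(path):
    """Rule names the path trips; an empty set means nothing looked odd."""
    p = path.lower()
    name = p.rsplit("\\", 1)[-1]
    findings = set()
    if name in SYSTEM_NAMES and not p.startswith(SYSTEM32):
        findings.add("system binary name outside System32")
    if any(marker in p for marker in TEMP_MARKERS):
        findings.add("runs from a Temp folder")
    if NUMERIC_NAME.match(name):
        findings.add("random numeric file name")
    if WINDIR_SUBDIR.match(p):
        findings.add("unexpected subfolder of the Windows directory")
    return findings


def triage(lines):
    """Map lowercased path -> {path, seen_as, findings} for every process,
    Run value or firewall exception that trips a rule. One file seen in
    several places is merged, which is the pattern to look for: the dropper
    registers its copy as an autorun and punches a firewall hole for it."""
    report = {}
    for raw in lines:
        line = raw.strip()
        run, fw = O4_RE.match(line), FW_RE.match(line)
        if run:
            path, seen_as = extract_path(run["cmd"]), "autorun [%s]" % run["name"]
        elif fw:
            path, seen_as = fw["path"], "firewall exception (%s)" % fw["state"].lower()
        elif PROC_RE.match(line):
            path, seen_as = line, "running process"
        else:
            continue
        findings = classify(path) if path else set()
        if not findings:
            continue
        entry = report.setdefault(path.lower(), {"path": path, "seen_as": set(), "findings": set()})
        entry["seen_as"].add(seen_as)
        entry["findings"] |= findings
    return report


if __name__ == "__main__":
    for entry in triage(SAMPLE_LOG).values():
        print(entry["path"])
        for tag in sorted(entry["seen_as"] | entry["findings"]):
            print("   -", tag)
```

Run it as a script to print the merged report. Treat the output as a review list, not a verdict: legitimate software does occasionally live in a subfolder of C:\WINDOWS, so the Windows-subfolder rule in particular needs a look at the file (publisher, signature, creation date) before anything is removed.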

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: facebook virus

#9 Post by Caroprd111 »

How is the PC behaving? :)

VinNystrik
Visitor
Posts: 12
Registered: 19 Aug 2011 18:48

Re: facebook virus

#10 Post by VinNystrik »

It behaves such that everything works, but unfortunately I don't have an antivirus here yet, so I'm going to try downloading Avast..

VinNystrik
Visitor
Posts: 12
Registered: 19 Aug 2011 18:48

Re: facebook virus

#11 Post by VinNystrik »

Unfortunately, though, when I installed Avast it won't start. There's an error: failed to load language dll [1033\UILangRes.dll]

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: facebook virus

#12 Post by Caroprd111 »

Try using the uninstaller http://www.viry.cz/forum/viewtopic.php?f=29&t=42886 and then try installing Avast again. And don't run off on me yet, we still need to finish cleaning up. :)

VinNystrik
Visitor
Posts: 12
Registered: 19 Aug 2011 18:48

Re: facebook virus

#13 Post by VinNystrik »

So it's hopefully fine now. Avast works, I just have to track down the registration key :)

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: facebook virus

#14 Post by Caroprd111 »

Download TFC http://oldtimer.geekstogo.com/TFC.exe
  • Run it.
  • Click "Start". Confirm the prompt by clicking "Ok" (a restart will follow)

Download OTC http://oldtimer.geekstogo.com/OTC.exe
  • Run it.
  • Click "CleanUp!". Confirm the prompts by clicking "Yes" (a restart will follow)


Download CCleaner http://viry.cz/forum/viewtopic.php?t=7478
Cleaner tab
  • Click Analyze; when it finishes, click Run CCleaner.

Registry tab
  • Click Scan for Issues; when it finishes, click Fix selected issues; you don't need to make a backup; then click Fix All Selected Issues.
OK, Close


:arrow: Post a new log from RSIT.

VinNystrik
Visitor
Posts: 12
Registered: 19 Aug 2011 18:48

Re: facebook virus

#15 Post by VinNystrik »

I did everything according to the instructions and here is the new log, as you asked:

Logfile of random's system information tool 1.09 (written by random/random)
Run by xxx at 2011-08-20 14:26:07
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 23 GB (46%) free of 51 GB
Total RAM: 1982 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:26:12, on 20.8.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\xxx\Data aplikací\QipGuard\QipGuard.exe
C:\program files\steam\steam.exe
C:\Documents and Settings\xxx\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\GamePark2\gpcl.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\xxx\Plocha\RSIT.exe
C:\Program Files\trend micro\xxx.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://adserving.cpxinteractive.com/clk ... webhost_ad,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - Default URLSearchHook is missing
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\xxx\Data aplikací\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [Steam] "C:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\xxx\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: HPAiODevice(hp psc 900 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

--
End of file - 7552 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, jqs@sun.com:1.0, toolbar@ask.com:3.11.3.15590, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIBitCometAgent.xpt

C:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
NPOFFICE.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\mfzk786t.default\extensions\
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-16 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-16 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-04-30 17881088]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"QIP Internet Guardian"=C:\Documents and Settings\xxx\Data aplikací\QipGuard\QipGuard.exe [2010-06-09 187904]
"Steam"=C:\program files\steam\steam.exe [2011-08-02 1242448]
"Octoshape Streaming Services"=C:\Documents and Settings\xxx\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
HPAiODevice(hp psc 900 series) - 1.lnk - C:\Program Files\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\RayV\RayV\RayV.exe"="C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV"
"C:\Program Files\RayV\RayV\RayV.dll"="C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\utorrent-setup\utorrent.exe"="C:\Documents and Settings\xxx\Dokumenty\Stažené soubory\utorrent-setup\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties"
"C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs"
"C:\Program Files\Steam\steamapps\hard_cz\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\hard_cz\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"VIDC.XFR1"=xfcodec.dll

======List of files/folders created in the last 1 month======

2011-08-20 14:26:07 ----D---- C:\rsit
2011-08-20 14:21:38 ----D---- C:\Program Files\CCleaner
2011-08-20 13:53:17 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-08-20 13:53:16 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-08-20 13:53:14 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-08-20 13:53:14 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-08-20 13:53:14 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-08-20 13:53:13 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-08-20 13:53:13 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-08-20 13:53:12 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-08-20 13:53:01 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-08-20 13:52:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-08-20 13:34:22 ----D---- C:\Program Files\AVAST Software
2011-08-20 13:34:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2011-08-19 19:47:53 ----D---- C:\Program Files\trend micro
2011-08-19 19:41:50 ----D---- C:\Documents and Settings\xxx\Data aplikací\Malwarebytes
2011-08-19 19:41:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-08-19 19:41:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-08-19 16:30:54 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-08-19 16:27:57 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-08-19 16:25:30 ----A---- C:\WINDOWS\iplist.txt
2011-08-19 16:23:29 ----A---- C:\WINDOWS\front_ip_list.txt
2011-08-19 16:18:21 ----A---- C:\WINDOWS\winlog-ids.txt
2011-08-19 16:18:21 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-07-30 19:39:18 ----A---- C:\Documents and Settings\xxx\Data aplikací\room_v3.dat
2011-07-30 18:51:12 ----D---- C:\Program Files\Garena
2011-07-30 14:14:12 ----D---- C:\Documents and Settings\xxx\Data aplikací\GameRanger
2011-07-30 14:03:55 ----A---- C:\WINDOWS\War3Unin.dat
2011-07-30 14:03:54 ----A---- C:\WINDOWS\War3Unin.pif
2011-07-30 14:03:54 ----A---- C:\WINDOWS\War3Unin.exe
2011-07-30 14:02:42 ----D---- C:\Program Files\Warcraft III
2011-07-28 12:43:07 ----D---- C:\Program Files\Microsoft Games
2011-07-28 11:39:57 ----D---- C:\Documents and Settings\xxx\Data aplikací\dvdcss
2011-07-22 01:14:49 ----D---- C:\Program Files\GamePark2

======List of files/folders modified in the last 1 month======

2011-08-20 14:23:04 ----D---- C:\Documents and Settings\xxx\Data aplikací\Media Player Classic
2011-08-20 14:23:02 ----D---- C:\WINDOWS\Minidump
2011-08-20 14:23:02 ----D---- C:\WINDOWS\Debug
2011-08-20 14:23:02 ----D---- C:\WINDOWS
2011-08-20 14:21:52 ----D---- C:\WINDOWS\Prefetch
2011-08-20 14:21:38 ----RD---- C:\Program Files
2011-08-20 14:20:06 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-20 14:19:42 ----D---- C:\WINDOWS\Temp
2011-08-20 14:18:34 ----D---- C:\Program Files\Steam
2011-08-20 14:17:23 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-08-20 14:10:06 ----SHD---- C:\WINDOWS\Installer
2011-08-20 14:10:05 ----HD---- C:\Config.Msi
2011-08-20 13:53:17 ----D---- C:\WINDOWS\system32\drivers
2011-08-20 13:53:08 ----D---- C:\WINDOWS\WinSxS
2011-08-20 13:53:01 ----D---- C:\WINDOWS\system32
2011-08-20 13:23:06 ----SD---- C:\WINDOWS\Tasks
2011-08-20 13:23:00 ----SHD---- C:\System Volume Information
2011-08-20 13:23:00 ----D---- C:\WINDOWS\system32\Restore
2011-08-20 13:22:04 ----D---- C:\WINDOWS\system32\drivers\etc
2011-08-19 16:22:08 ----A---- C:\boot.ini
2011-08-19 13:56:19 ----D---- C:\Documents and Settings\xxx\Data aplikací\Xfire
2011-08-19 12:26:42 ----D---- C:\Program Files\Xfire
2011-08-18 23:46:08 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-08-18 11:48:38 ----A---- C:\Documents and Settings\xxx\Data aplikací\burnaware.ini
2011-08-17 00:36:29 ----D---- C:\Program Files\Mozilla Firefox
2011-08-16 18:18:14 ----A---- C:\WINDOWS\wincmd.ini
2011-08-08 17:16:57 ----D---- C:\WINDOWS\system32\DirectX
2011-08-08 17:16:54 ----HD---- C:\WINDOWS\inf
2011-08-08 17:04:07 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-08 16:55:04 ----D---- C:\Program Files\Call of Duty
2011-08-08 13:38:48 ----D---- C:\Documents and Settings\xxx\Data aplikací\ICQ
2011-07-30 19:07:53 ----D---- C:\Documents and Settings\xxx\Data aplikací\OpenCandy
2011-07-30 14:21:00 ----A---- C:\WINDOWS\iun6002.exe
2011-07-28 21:01:59 ----D---- C:\Documents and Settings\xxx\Data aplikací\Skype
2011-07-28 20:28:43 ----D---- C:\Documents and Settings\xxx\Data aplikací\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-09-09 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-04 5075968]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 USB_RNDIS;USB Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023k.sys [2002-08-12 11136]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 are4nisc;are4nisc; C:\WINDOWS\system32\drivers\are4nisc.sys []
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 Dot4Scan;Ovladač třídy skeneru standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 PBDOWNFORCE_SERVICE;PBDOWNFORCE_SERVICE; \??\D:\internet\COD\rider\PBDownforce.sys []
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 RivaTuner32;RivaTuner32; \??\D:\internet\RivaTuner v2.0 RC 16.1\RivaTuner32.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 vpnva;Cisco AnyConnect VPN Virtual Miniport Adapter for Windows; C:\WINDOWS\system32\DRIVERS\vpnva.sys [2010-12-20 19680]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-16 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-08-16 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2011-08-18 214520]
R2 vpnagent;Cisco AnyConnect VPN Agent; C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-12-20 602872]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2008-01-01 136176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2008-01-01 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------
