Kontrola logu

Zpráva

Balca · #1 Příspěvek od **Balca** » 20 říj 2011 16:17

Dobrý den,prosím nemohli byste mi zkontrolovat log...příjde mi někdy docela zpomalený...Děkuji.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Balca at 17:15:31 on 2011-10-20
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1333 [GMT 2:00]
.
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Greenshot\Greenshot.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\DfrgNtfs.exe
C:\WINDOWS\system32\rundll32.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.centrum.cz/#utm_source=icq&utm_medium=generic
uSearch Page = hxxp://search.localstrike.net/
mDefault_Page_URL = hxxp://search.localstrike.net/
mDefault_Search_URL = hxxp://search.localstrike.net/
mSearch Page = hxxp://search.localstrike.net/
mStart Page = hxxp://search.localstrike.net/
uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe"
uURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
EB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Greenshot] c:\program files\greenshot\Greenshot.exe
uRun: [Google Update] "c:\documents and settings\balca\local settings\data aplikací\google\update\GoogleUpdate.exe" /c
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [AdobeBridge]
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
StartupFolder: c:\docume~1\balca\nabdka~1\programy\posput~1\dropbox.lnk - c:\documents and settings\balca\data aplikací\dropbox\bin\Dropbox.exe
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\icq7.6\ICQ.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.5.1
TCP: Interfaces\{5DBF87F9-986F-4E8F-A992-FBB22CE37BB3} : DhcpNameServer = 192.168.5.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\balca\data aplikací\mozilla\firefox\profiles\xdpwd79x.default\
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-5-27 218688]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2010-12-21 94872]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2011-1-12 810144]
R2 ICQ Service;ICQ Service;c:\program files\icq6toolbar\ICQ Service.exe [2011-10-15 247872]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-4-19 993848]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-4-19 399416]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2006-3-2 69120]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2011-9-25 27632]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-25 136176]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2006-3-2 3584]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-5-25 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-25 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-9-7 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-9-7 11104]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\sony ericsson\sony ericsson pc companion\PCCService.exe [2011-9-7 155344]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2011-10-16 13:05:39 -------- d-----w- c:\documents and settings\balca\data aplikací\Media Player Classic
2011-10-16 12:52:41 -------- d-----w- c:\program files\Convert AVI to MP4
2011-10-15 11:36:29 -------- d-----w- c:\program files\ICQ6Toolbar
2011-10-15 11:35:34 -------- d-----w- c:\documents and settings\balca\data aplikací\ICQ
2011-10-15 11:35:29 -------- d-----w- c:\program files\ICQ7.6
2011-10-10 09:09:40 4550304 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2011-10-01 10:53:30 -------- d-----w- c:\documents and settings\balca\data aplikací\Thinstall
2011-10-01 10:46:38 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2011-10-01 10:46:37 389120 ----a-w- c:\windows\system32\actskn43.ocx
2011-09-27 14:10:18 -------- d-----w- C:\Counter-Strike 1.6
2011-09-25 15:47:49 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys
2011-09-24 18:40:09 -------- d-----w- c:\documents and settings\balca\data aplikací\DVDVideoSoft
2011-09-24 18:40:04 -------- d-----w- c:\program files\DVDVideoSoft
2011-09-24 18:40:04 -------- d-----w- c:\program files\common files\DVDVideoSoft
.
==================== Find3M ====================
.
2011-10-17 16:10:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41:42 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41:42 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12:04 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 14:10:02 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-02 20:29:42 910920 ----a-w- c:\windows\system32\pwNative.exe
2011-09-02 20:29:40 16472 ------w- c:\windows\system32\pwdrvio.sys
2011-09-02 20:29:36 11104 ------w- c:\windows\system32\pwdspio.sys
2011-08-22 23:41:24 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41:23 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:41:23 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ------w- c:\windows\system32\html.iec
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-07-23 16:37:25 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-07-23 16:37:25 472808 ----a-w- c:\windows\system32\deployJava1.dll
.
============= FINISH: 17:15:38,92 ===============

Balca · #2 Příspěvek od **Balca** » 20 říj 2011 16:22

a ještě z RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Balca at 2011-10-20 17:21:58
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 75 GB (75%) free of 100 GB
Total RAM: 2046 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:22:01, on 20.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Greenshot\Greenshot.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\SYSTEM\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Balca.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.net/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Greenshot] C:\Program Files\Greenshot\Greenshot.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 9533 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Defrag Job #00.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-839522115-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-839522115-682003330-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Balca\Data aplikací\Mozilla\Firefox\Profiles\xdpwd79x.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "seznam.cz"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.3.4&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Balca\Data aplikací\Mozilla\Firefox\Profiles\xdpwd79x.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-09-14 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-09-14 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-23 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-07-23 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-09-14 305328]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2011-08-17 1055808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-11-02 19580520]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-17 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-17 86016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-07-24 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Greenshot"=C:\Program Files\Greenshot\Greenshot.exe [2010-07-12 548864]
"Google Update"=C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-05-25 136176]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"AdobeBridge"= []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-09-14 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-09-05 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cracked Steam Service]
c:\program files\steam\Cracked Steam.exe /SERVICE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.6\ICQ.exe [2011-10-15 127040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-07-25 433360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Secunia PSI Tray.lnk]
C:\PROGRA~1\Secunia\PSI\psi_tray.exe [2011-04-19 291896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Balca^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
C:\PROGRA~1\AUTOMA~1\avp.exe [2004-12-28 443392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Balca^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
C:\DOCUME~1\Balca\DATAAP~1\Dropbox\bin\Dropbox.exe [2011-05-25 24176560]

C:\Documents and Settings\Balca\Nabídka Start\Programy\Po spuštění
Dropbox.lnk - C:\Documents and Settings\Balca\Data aplikací\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Counter-Strike 1.6\csko.exe"="C:\Counter-Strike 1.6\csko.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Counter-Strike 1.6\hl.exe"="C:\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Cracked Steam\steam.exe"="C:\Program Files\Cracked Steam\steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\balca30\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\balca30\counter-strike\hl.exe:*:Disabled:Counter-Strike"
"C:\counter-strike\csko.exe"="C:\counter-strike\csko.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\SYSTEM\Dokumenty\Downloads\Counter.Strike.Source.2010.Orange.Box.NoSteam.[Setti]\Counter.Strike.Source.2010.Orange.Box.NoSteam.[Setti]\Counter Strike Source 2010\hl2.exe"="D:\SYSTEM\Dokumenty\Downloads\Counter.Strike.Source.2010.Orange.Box.NoSteam.[Setti]\Counter.Strike.Source.2010.Orange.Box.NoSteam.[Setti]\Counter Strike Source 2010\hl2.exe:*:Enabled:hl2"
"C:\Documents and Settings\Balca\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Balca\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Cracked Steam\steamapps\balca30\half-life\hl.exe"="C:\Program Files\Cracked Steam\steamapps\balca30\half-life\hl.exe:*:Enabled:Half-Life"
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"
"C:\Program Files\Cracked Steam\steamapps\balca30\counter-strike\hl.exe"="C:\Program Files\Cracked Steam\steamapps\balca30\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

======List of files/folders created in the last 1 month======

2011-10-20 17:21:58 ----D---- C:\Program Files\trend micro
2011-10-16 16:29:23 ----SHD---- C:\Config.Msi
2011-10-16 15:05:39 ----D---- C:\Documents and Settings\Balca\Data aplikací\Media Player Classic
2011-10-16 14:52:41 ----D---- C:\Program Files\Convert AVI to MP4
2011-10-15 13:36:29 ----D---- C:\Program Files\ICQ6Toolbar
2011-10-15 13:36:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2011-10-15 13:35:34 ----D---- C:\Documents and Settings\Balca\Data aplikací\ICQ
2011-10-15 13:35:29 ----D---- C:\Program Files\ICQ7.6
2011-10-12 15:03:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-10-12 15:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2011-10-12 15:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2011-10-01 12:53:30 ----D---- C:\Documents and Settings\Balca\Data aplikací\Thinstall
2011-10-01 12:46:38 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2011-09-27 16:10:18 ----D---- C:\Counter-Strike 1.6
2011-09-25 17:47:49 ----A---- C:\WINDOWS\system32\drivers\seehcri.sys
2011-09-24 20:40:09 ----D---- C:\Documents and Settings\Balca\Data aplikací\DVDVideoSoft
2011-09-24 20:40:04 ----D---- C:\Program Files\DVDVideoSoft
2011-09-24 20:40:04 ----D---- C:\Program Files\Common Files\DVDVideoSoft

======List of files/folders modified in the last 1 month======

2011-10-20 17:21:58 ----RD---- C:\Program Files
2011-10-20 17:21:58 ----D---- C:\WINDOWS\Temp
2011-10-20 17:17:45 ----D---- C:\Documents and Settings\Balca\Data aplikací\Skype
2011-10-20 17:15:32 ----D---- C:\WINDOWS\Prefetch
2011-10-20 16:15:16 ----D---- C:\Documents and Settings\Balca\Data aplikací\uTorrent
2011-10-20 16:15:12 ----D---- C:\WINDOWS
2011-10-20 16:14:55 ----D---- C:\Program Files\CCleaner
2011-10-20 14:18:29 ----D---- C:\Documents and Settings\Balca\Data aplikací\Dropbox
2011-10-19 22:12:35 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-10-16 16:29:26 ----SHD---- C:\WINDOWS\Installer
2011-10-16 16:29:07 ----RD---- C:\Program Files\Skype
2011-10-16 15:06:30 ----D---- C:\Documents and Settings\Balca\Data aplikací\vlc
2011-10-16 10:09:30 ----D---- C:\WINDOWS\Debug
2011-10-15 13:36:38 ----HD---- C:\Program Files\InstallShield Installation Information
2011-10-12 15:24:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-12 15:24:35 ----D---- C:\WINDOWS\system32
2011-10-12 15:24:35 ----D---- C:\Program Files\Microsoft Silverlight
2011-10-12 15:24:35 ----D---- C:\Program Files\Internet Explorer
2011-10-12 15:19:30 ----RSD---- C:\WINDOWS\assembly
2011-10-12 15:19:30 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-12 15:05:25 ----HD---- C:\WINDOWS\inf
2011-10-12 15:05:11 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-12 15:03:48 ----A---- C:\WINDOWS\system32\MRT.exe
2011-10-12 15:03:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-10-12 15:02:45 ----D---- C:\WINDOWS\system32\drivers
2011-10-12 15:02:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-12 15:02:12 ----D---- C:\WINDOWS\WinSxS
2011-10-12 15:00:28 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-11 07:55:56 ----D---- C:\Program Files\Mozilla Firefox
2011-10-09 14:37:37 ----SH---- C:\boot.ini
2011-10-03 10:31:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-10-02 19:56:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-10-01 21:21:06 ----D---- C:\Documents and Settings\Balca\Data aplikací\Mozilla
2011-09-26 11:41:42 ----A---- C:\WINDOWS\system32\uiautomationcore.dll
2011-09-26 11:41:42 ----A---- C:\WINDOWS\system32\oleaccrc.dll
2011-09-26 11:41:20 ----A---- C:\WINDOWS\system32\oleacc.dll
2011-09-25 17:49:04 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-09-25 17:48:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-09-25 17:47:32 ----D---- C:\Program Files\Sony Ericsson
2011-09-24 20:40:04 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-05-27 218688]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-11-02 6188648]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-17 6557408]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-01-14 277352]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2011-09-25 27632]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 mbr;mbr; \??\C:\DOCUME~1\Balca\LOCALS~1\Temp\mbr.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WinUSB;Sony Ericsson USB Device sa0101 Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2011-08-17 247872]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-07-23 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-17 159812]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [2011-04-19 993848]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [2011-04-19 399416]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-25 136176]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2006-03-02 3584]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-25 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-14 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

#3 Příspěvek od **motji** » 20 říj 2011 19:36

Dobrý večer

Co uděláme s tím nelegálním NODem?

Balca · #4 Příspěvek od **Balca** » 20 říj 2011 20:23

Zdravím....já mám 30 denní verzi ta je nelegální?...před tím jsem tam měl cracklou verzi ,ale tu jsem odinstaloval a nahodil jsem tam 30 denní.

#5 Příspěvek od **motji** » 21 říj 2011 06:19

ANo, pokud ji používáte stále dokola. 30 denní verze slouží pouze k vyzkoušení, pak si ho musíte koupit.
Doporučuji NOD odinstalovat a dát Avast, který je zadarmo a na stejné, ne li lepší urovni.
Až ho nainstalujete, vložte nový log ze rsitu a pak budeme pokračovat

Balca · #6 Příspěvek od **Balca** » 21 říj 2011 13:57

ESET odinstalován a nainstalován AVAST....

zde log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Balca at 2011-10-21 14:55:17
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 75 GB (75%) free of 100 GB
Total RAM: 2046 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:55:20, on 21.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Greenshot\Greenshot.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\SYSTEM\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Balca.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.net/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Greenshot] C:\Program Files\Greenshot\Greenshot.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 9736 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Defrag Job #00.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-839522115-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-839522115-682003330-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Balca\Data aplikací\Mozilla\Firefox\Profiles\xdpwd79x.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "seznam.cz"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.3.4&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Balca\Data aplikací\Mozilla\Firefox\Profiles\xdpwd79x.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-09-14 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-09-14 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-23 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-07-23 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-09-14 305328]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2011-08-17 1055808]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-11-02 19580520]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-17 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-17 86016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-07-24 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Greenshot"=C:\Program Files\Greenshot\Greenshot.exe [2010-07-12 548864]
"Google Update"=C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-05-25 136176]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"AdobeBridge"= []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-09-14 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-09-05 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cracked Steam Service]
c:\program files\steam\Cracked Steam.exe /SERVICE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.6\ICQ.exe [2011-10-15 127040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-07-25 433360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Secunia PSI Tray.lnk]
C:\PROGRA~1\Secunia\PSI\psi_tray.exe [2011-04-19 291896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Balca^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
C:\PROGRA~1\AUTOMA~1\avp.exe [2004-12-28 443392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Balca^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
C:\DOCUME~1\Balca\DATAAP~1\Dropbox\bin\Dropbox.exe [2011-05-25 24176560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Counter-Strike 1.6\csko.exe"="C:\Counter-Strike 1.6\csko.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Counter-Strike 1.6\hl.exe"="C:\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Cracked Steam\steam.exe"="C:\Program Files\Cracked Steam\steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\balca30\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\balca30\counter-strike\hl.exe:*:Disabled:Counter-Strike"
"C:\counter-strike\csko.exe"="C:\counter-strike\csko.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\SYSTEM\Dokumenty\Downloads\Counter.Strike.Source.2010.Orange.Box.NoSteam.[Setti]\Counter.Strike.Source.2010.Orange.Box.NoSteam.[Setti]\Counter Strike Source 2010\hl2.exe"="D:\SYSTEM\Dokumenty\Downloads\Counter.Strike.Source.2010.Orange.Box.NoSteam.[Setti]\Counter.Strike.Source.2010.Orange.Box.NoSteam.[Setti]\Counter Strike Source 2010\hl2.exe:*:Enabled:hl2"
"C:\Documents and Settings\Balca\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Balca\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Cracked Steam\steamapps\balca30\half-life\hl.exe"="C:\Program Files\Cracked Steam\steamapps\balca30\half-life\hl.exe:*:Enabled:Half-Life"
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"
"C:\Program Files\Cracked Steam\steamapps\balca30\counter-strike\hl.exe"="C:\Program Files\Cracked Steam\steamapps\balca30\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

======List of files/folders created in the last 1 month======

2011-10-21 14:35:58 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-10-21 14:35:58 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-10-21 14:35:56 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-10-21 14:35:56 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-10-21 14:35:56 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-10-21 14:35:55 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-10-21 14:35:55 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-10-21 14:35:54 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-10-21 14:35:47 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-10-21 14:35:47 ----A---- C:\WINDOWS\avastSS.scr
2011-10-21 14:35:41 ----D---- C:\Program Files\AVAST Software
2011-10-21 14:35:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-10-20 17:21:58 ----D---- C:\Program Files\trend micro
2011-10-16 16:29:23 ----SHD---- C:\Config.Msi
2011-10-16 15:05:39 ----D---- C:\Documents and Settings\Balca\Data aplikací\Media Player Classic
2011-10-16 14:52:41 ----D---- C:\Program Files\Convert AVI to MP4
2011-10-15 13:36:29 ----D---- C:\Program Files\ICQ6Toolbar
2011-10-15 13:36:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2011-10-15 13:35:34 ----D---- C:\Documents and Settings\Balca\Data aplikací\ICQ
2011-10-15 13:35:29 ----D---- C:\Program Files\ICQ7.6
2011-10-12 15:03:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-10-12 15:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2011-10-12 15:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2011-10-01 12:53:30 ----D---- C:\Documents and Settings\Balca\Data aplikací\Thinstall
2011-10-01 12:46:38 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2011-09-27 16:10:18 ----D---- C:\Counter-Strike 1.6
2011-09-25 17:47:49 ----A---- C:\WINDOWS\system32\drivers\seehcri.sys
2011-09-24 20:40:09 ----D---- C:\Documents and Settings\Balca\Data aplikací\DVDVideoSoft
2011-09-24 20:40:04 ----D---- C:\Program Files\DVDVideoSoft
2011-09-24 20:40:04 ----D---- C:\Program Files\Common Files\DVDVideoSoft

======List of files/folders modified in the last 1 month======

2011-10-21 14:52:01 ----D---- C:\Documents and Settings\Balca\Data aplikací\Skype
2011-10-21 14:50:07 ----D---- C:\WINDOWS\Temp
2011-10-21 14:43:15 ----D---- C:\WINDOWS\Prefetch
2011-10-21 14:43:02 ----D---- C:\Documents and Settings\Balca\Data aplikací\Dropbox
2011-10-21 14:42:53 ----D---- C:\WINDOWS
2011-10-21 14:41:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-21 14:41:04 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-21 14:35:58 ----D---- C:\WINDOWS\system32\drivers
2011-10-21 14:35:52 ----SHD---- C:\WINDOWS\Installer
2011-10-21 14:35:52 ----D---- C:\WINDOWS\WinSxS
2011-10-21 14:35:47 ----D---- C:\WINDOWS\system32
2011-10-21 14:35:41 ----RD---- C:\Program Files
2011-10-21 14:35:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-10-21 14:35:24 ----HD---- C:\WINDOWS\inf
2011-10-20 16:15:16 ----D---- C:\Documents and Settings\Balca\Data aplikací\uTorrent
2011-10-20 16:14:55 ----D---- C:\Program Files\CCleaner
2011-10-16 16:29:07 ----RD---- C:\Program Files\Skype
2011-10-16 15:06:30 ----D---- C:\Documents and Settings\Balca\Data aplikací\vlc
2011-10-16 10:09:30 ----D---- C:\WINDOWS\Debug
2011-10-15 13:36:38 ----HD---- C:\Program Files\InstallShield Installation Information
2011-10-12 15:24:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-12 15:24:35 ----D---- C:\Program Files\Microsoft Silverlight
2011-10-12 15:24:35 ----D---- C:\Program Files\Internet Explorer
2011-10-12 15:19:30 ----RSD---- C:\WINDOWS\assembly
2011-10-12 15:19:30 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-12 15:05:11 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-12 15:03:48 ----A---- C:\WINDOWS\system32\MRT.exe
2011-10-12 15:03:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-10-12 15:02:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-11 07:55:56 ----D---- C:\Program Files\Mozilla Firefox
2011-10-09 14:37:37 ----SH---- C:\boot.ini
2011-10-03 10:31:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-10-01 21:21:06 ----D---- C:\Documents and Settings\Balca\Data aplikací\Mozilla
2011-09-26 11:41:42 ----A---- C:\WINDOWS\system32\uiautomationcore.dll
2011-09-26 11:41:42 ----A---- C:\WINDOWS\system32\oleaccrc.dll
2011-09-26 11:41:20 ----A---- C:\WINDOWS\system32\oleacc.dll
2011-09-25 17:49:04 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-09-25 17:48:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-09-25 17:47:32 ----D---- C:\Program Files\Sony Ericsson
2011-09-24 20:40:04 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-05-27 218688]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-11-02 6188648]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-17 6557408]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-01-14 277352]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2011-09-25 27632]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WinUSB;Sony Ericsson USB Device sa0101 Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2011-08-17 247872]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-07-23 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-17 159812]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [2011-04-19 993848]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [2011-04-19 399416]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-25 136176]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2006-03-02 3584]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-25 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-14 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#7 Příspěvek od **motji** » 21 říj 2011 15:53

Tohle je legální?
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cracked Steam Service]

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

c:\program files\steam\Cracked Steam.exe /SERVICE []

Balca · #8 Příspěvek od **Balca** » 21 říj 2011 20:24

Dobrý večer,ve složce Program Files není žádná složka Steam

http://imageshack.us/photo/my-images/19 ... 21211.png/

#9 Příspěvek od **motji** » 21 říj 2011 20:42

Tak jinak, používáte ten program?

Balca · #10 Příspěvek od **Balca** » 22 říj 2011 09:41

Dobré den,ne nepoužívám již před několika týdny jsem ho odinstaloval.

#11 Příspěvek od **motji** » 22 říj 2011 11:19

Dobře, tak to smažeme. Já tu budu večer

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

Balca · #12 Příspěvek od **Balca** » 22 říj 2011 12:09

EXTRAS:OTL Extras logfile created on: 22.10.2011 12:47:13 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\SYSTEM\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 68,24% Memory free
5,85 Gb Paging File | 5,31 Gb Available in Paging File | 90,76% Paging File free
Paging file location(s): C:\pagefile.sys 4092 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 73,22 Gb Free Space | 74,98% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 336,04 Gb Free Space | 91,29% Space Free | Partition Type: NTFS

Computer Name: PCBALCA | User Name: Balca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1708537768-839522115-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.6\ICQ.exe" = C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Counter-Strike 1.6\csko.exe" = C:\Counter-Strike 1.6\csko.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\TmNationsForever\TmForever.exe" = C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever
"C:\Counter-Strike 1.6\hl.exe" = C:\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
"C:\Program Files\Cracked Steam\steam.exe" = C:\Program Files\Cracked Steam\steam.exe:*:Enabled:Steam
"C:\Program Files\Steam\steamapps\balca30\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\balca30\counter-strike\hl.exe:*:Disabled:Counter-Strike
"C:\counter-strike\csko.exe" = C:\counter-strike\csko.exe:*:Enabled:Half-Life Launcher
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\SYSTEM\Dokumenty\Downloads\Counter.Strike.Source.2010.Orange.Box.NoSteam.[Setti]\Counter.Strike.Source.2010.Orange.Box.NoSteam.[Setti]\Counter Strike Source 2010\hl2.exe" = D:\SYSTEM\Dokumenty\Downloads\Counter.Strike.Source.2010.Orange.Box.NoSteam.[Setti]\Counter.Strike.Source.2010.Orange.Box.NoSteam.[Setti]\Counter Strike Source 2010\hl2.exe:*:Enabled:hl2
"C:\Documents and Settings\Balca\Data aplikací\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Balca\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Cracked Steam\steamapps\balca30\half-life\hl.exe" = C:\Program Files\Cracked Steam\steamapps\balca30\half-life\hl.exe:*:Enabled:Half-Life
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine -- ()
"C:\Program Files\Cracked Steam\steamapps\balca30\counter-strike\hl.exe" = C:\Program Files\Cracked Steam\steamapps\balca30\counter-strike\hl.exe:*:Enabled:Counter-Strike
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe" = C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service -- ()
"C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\ICQ7.6\ICQ.exe" = C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{82705358-3BD6-3CD5-AA9A-B8F058BE3A29}" = Google Talk Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B52F8C4B-FE88-4B59-9B80-1C93669D7DEB}_is1" = OpenWith.org 1.0.3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE59B901-18EA-4CB9-ADE4-291BF5C1E12E}_is1" = MiniTool Partition Wizard Home Edition 7.0
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.217
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Balíček ovladače systému Windows - Nokia Modem (11/03/2006 6.82.0.1)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Automatické vypnutí počítače (AVP)_is1" = Automatické vypnutí počítače 1.0
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DAEMON Tools Lite" = DAEMON Tools Lite
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.8.13.908
"Greenshot_is1" = Greenshot
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.0.0
"Mafia Game" = Mafia Game
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 7.0.1 (x86 cs)" = Mozilla Firefox 7.0.1 (x86 cs)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"Tweak UI 2.10" = Tweak UI
"UltimateDefrag" = Disktrix UltimateDefrag
"Update Engine" = Sony Ericsson Update Engine
"Update Service" = Update Service
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Mobile Device Handbook" = Příručka k zařízení MDA Compact IV se systémem Windows Mobile®
"Windows XP Service Pack" = Windows XP Service Pack 3
"winusb0100" = Microsoft WinUsb 1.0
"WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 6.3.5
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1708537768-839522115-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Counter-Strike 1.6_is1" = Counter-Strike 1.6 v42
"Dropbox" = Dropbox
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 31.7.2011 10:49:13 | Computer Name = PCBALCA | Source = Application Error | ID = 1000
Description = Chybující aplikace hl.exe, verze 1.1.1.1, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x0a57e650.

Error - 31.7.2011 11:33:47 | Computer Name = PCBALCA | Source = Application Error | ID = 1000
Description = Chybující aplikace javaw.exe, verze 6.0.260.3, chybující modul nvoglnt.dll,
verze 6.14.11.7519, adresa chyby 0x0034511d.

Error - 31.7.2011 11:52:40 | Computer Name = PCBALCA | Source = Application Error | ID = 1000
Description = Chybující aplikace javaw.exe, verze 6.0.260.3, chybující modul nvoglnt.dll,
verze 6.14.11.7519, adresa chyby 0x0034510b.

Error - 1.8.2011 11:09:36 | Computer Name = PCBALCA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 2.8.2011 6:07:55 | Computer Name = PCBALCA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 2.8.2011 11:18:02 | Computer Name = PCBALCA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 9.8.2011 2:00:21 | Computer Name = PCBALCA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 12.8.2011 13:32:03 | Computer Name = PCBALCA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 15.8.2011 7:19:08 | Computer Name = PCBALCA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 16.8.2011 4:35:22 | Computer Name = PCBALCA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

[ System Events ]
Error - 21.10.2011 5:08:16 | Computer Name = PCBALCA | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Nod32 Boot.

Error - 21.10.2011 5:08:16 | Computer Name = PCBALCA | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 21.10.2011 8:11:12 | Computer Name = PCBALCA | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Nod32 Boot.

Error - 21.10.2011 8:11:12 | Computer Name = PCBALCA | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 21.10.2011 8:42:51 | Computer Name = PCBALCA | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Nod32 Boot.

Error - 21.10.2011 8:42:51 | Computer Name = PCBALCA | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 21.10.2011 12:08:42 | Computer Name = PCBALCA | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Nod32 Boot.

Error - 21.10.2011 12:08:42 | Computer Name = PCBALCA | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 21.10.2011 13:35:10 | Computer Name = PCBALCA | Source = HTTP | ID = 15005
Description = Nelze vytvořit vazbu k základnímu přenosu pro 0.0.0.0:2869. Seznam
protokolu IP jen pro naslouchání (Listen-Only) pravděpodobně obsahuje odkaz na
rozhraní, které v tomto počítači nemusí existovat. Číslo chyby se nachází v poli
s daty.

Error - 21.10.2011 13:35:10 | Computer Name = PCBALCA | Source = HTTP | ID = 15005
Description = Nelze vytvořit vazbu k základnímu přenosu pro 0.0.0.0:2869. Seznam
protokolu IP jen pro naslouchání (Listen-Only) pravděpodobně obsahuje odkaz na
rozhraní, které v tomto počítači nemusí existovat. Číslo chyby se nachází v poli
s daty.

< End of report >

Balca · #13 Příspěvek od **Balca** » 22 říj 2011 12:10

OTL:

OTL logfile created on: 22.10.2011 12:47:13 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\SYSTEM\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 68,24% Memory free
5,85 Gb Paging File | 5,31 Gb Available in Paging File | 90,76% Paging File free
Paging file location(s): C:\pagefile.sys 4092 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 73,22 Gb Free Space | 74,98% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 336,04 Gb Free Space | 91,29% Space Free | Partition Type: NTFS

Computer Name: PCBALCA | User Name: Balca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.10.22 12:43:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\SYSTEM\Plocha\OTL.exe
PRC - [2011.09.30 17:12:41 | 001,030,200 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.08.17 11:04:36 | 000,247,872 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2011.04.19 08:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011.04.19 08:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2010.07.12 07:52:50 | 000,548,864 | ---- | M] () -- C:\Program Files\Greenshot\Greenshot.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2011.10.21 21:09:55 | 001,600,512 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11102101\algo.dll
MOD - [2011.10.21 15:48:06 | 000,239,432 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11102101\aswRep.dll
MOD - [2011.10.21 14:05:34 | 001,599,488 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11102100\algo.dll
MOD - [2011.10.20 01:24:36 | 000,239,432 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11102100\aswRep.dll
MOD - [2011.10.12 15:19:54 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.12 15:04:12 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.12 15:04:08 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.12 15:03:56 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.12 15:03:02 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.12 15:02:55 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.09.30 17:12:40 | 000,412,728 | ---- | M] () -- C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\14.0.835.202\ppgooglenaclpluginchrome.dll
MOD - [2011.09.30 17:12:39 | 003,696,184 | ---- | M] () -- C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\14.0.835.202\pdf.dll
MOD - [2011.09.30 17:11:32 | 000,339,000 | ---- | M] () -- C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\14.0.835.202\Locales\cs.dll
MOD - [2011.09.30 17:11:13 | 000,142,568 | ---- | M] () -- C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\14.0.835.202\avutil-51.dll
MOD - [2011.09.30 17:11:12 | 000,253,320 | ---- | M] () -- C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\14.0.835.202\avformat-53.dll
MOD - [2011.09.30 17:11:10 | 002,403,240 | ---- | M] () -- C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\Application\14.0.835.202\avcodec-53.dll
MOD - [2011.08.17 11:04:36 | 000,247,872 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
MOD - [2010.07.12 07:52:50 | 000,548,864 | ---- | M] () -- C:\Program Files\Greenshot\Greenshot.exe
MOD - [2010.07.12 07:52:48 | 000,028,672 | ---- | M] () -- C:\Program Files\Greenshot\GreenshotPlugin.dll
MOD - [2009.11.05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2008.04.14 08:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.08.17 11:04:36 | 000,247,872 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2011.06.29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011.04.19 08:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011.04.19 08:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2007.03.26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - [2011.09.25 17:47:49 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2011.09.06 22:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.09.06 22:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.09.06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.09.06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.09.06 22:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.09.06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.09.06 22:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.09.02 22:29:40 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2011.09.02 22:29:36 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2011.05.27 14:53:22 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.01.14 09:06:40 | 000,277,352 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010.11.02 13:36:26 | 006,188,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009.11.18 01:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 01:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2006.11.02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.localstrike.net/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.localstrike.net/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.net/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.localstrike.net/

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1708537768-839522115-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.localstrike.net/
IE - HKU\S-1-5-21-1708537768-839522115-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
IE - HKU\S-1-5-21-1708537768-839522115-682003330-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1708537768-839522115-682003330-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1708537768-839522115-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.3.4&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Balca\Data aplikací\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Balca\Data aplikací\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.10.21 14:35:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.30 19:51:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.06.09 17:42:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Balca\Data aplikací\Mozilla\Extensions
[2011.10.15 13:36:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Balca\Data aplikací\Mozilla\Firefox\Profiles\xdpwd79x.default\extensions
[2011.10.15 13:36:37 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Balca\Data aplikací\Mozilla\Firefox\Profiles\xdpwd79x.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.07.23 18:37:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.10.16 16:29:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.07.23 18:37:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\BALCA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\XDPWD79X.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2011.10.21 14:35:49 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011.07.23 18:37:26 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.05.27 18:10:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.09.30 19:51:45 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.09.03 02:43:44 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.09.03 02:43:44 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.03 02:43:44 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.09.03 02:43:44 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.09.03 02:43:44 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Balca\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Balca\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Balca\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Balca\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Balca\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AdBlock = C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.4.28_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\
CHR - Extension: Picnik = C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\inmnggcpelemfookhlhkdfbechcdadfp\1.0.6_0\
CHR - Extension: Auto HD For YouTube = C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\1.6_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: YouTube Enhancer = C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lmgegjjnjebkemeciiceihndnkamgpih\1.0_0\
CHR - Extension: Facebook Sidebar Chat Reversion = C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pfophgoebcoehkldfgeffhnlcabhhomn\1.5_0\

O1 HOSTS File: ([2006.03.02 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-1708537768-839522115-682003330-1004..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1708537768-839522115-682003330-1004..\Run: [Greenshot] C:\Program Files\Greenshot\Greenshot.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1708537768-839522115-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.5.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DBF87F9-986F-4E8F-A992-FBB22CE37BB3}: DhcpNameServer = 192.168.5.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Balca\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Balca\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.05.24 07:41:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.10.22 12:43:42 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\SYSTEM\Plocha\OTL.exe
[2011.10.21 14:35:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2011.10.21 14:35:58 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011.10.21 14:35:58 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011.10.21 14:35:56 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.10.21 14:35:56 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011.10.21 14:35:56 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011.10.21 14:35:55 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011.10.21 14:35:55 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011.10.21 14:35:54 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011.10.21 14:35:47 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011.10.21 14:35:47 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011.10.21 14:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011.10.21 14:35:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.10.20 17:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.10.20 17:13:38 | 000,000,000 | R--D | C] -- D:\SYSTEM\Dokumenty\Filmy
[2011.10.20 17:13:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Filmy
[2011.10.20 16:15:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Balca\Recent
[2011.10.16 16:29:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.10.16 15:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Balca\Data aplikací\Media Player Classic
[2011.10.16 14:52:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Convert AVI to MP4
[2011.10.16 14:52:41 | 000,000,000 | ---D | C] -- C:\Program Files\Convert AVI to MP4
[2011.10.15 20:34:42 | 000,000,000 | ---D | C] -- D:\SYSTEM\Dokumenty\ICQ
[2011.10.15 13:36:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ICQ7.6
[2011.10.15 13:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2011.10.15 13:36:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.10.15 13:35:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Balca\Data aplikací\ICQ
[2011.10.15 13:35:29 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.6
[2011.10.14 15:15:55 | 000,000,000 | ---D | C] -- D:\SYSTEM\Dokumenty\2011-10-09.12.53.48
[2011.10.09 14:48:50 | 000,000,000 | ---D | C] -- D:\SYSTEM\Dokumenty\Nová složka
[2011.10.09 14:45:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Balca\Local Settings\Data aplikací\PackageAware
[2011.10.01 12:53:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Balca\Data aplikací\Thinstall
[2011.10.01 12:53:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\STDUConverter
[2011.09.27 16:11:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Balca\Nabídka Start\Programy\Counter-Strike 1.6
[2011.09.27 16:10:18 | 000,000,000 | ---D | C] -- C:\Counter-Strike 1.6
[2011.09.25 18:38:51 | 000,000,000 | ---D | C] -- D:\SYSTEM\Dokumenty\aaa
[2011.09.25 17:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Balca\Nabídka Start\Programy\Sony Ericsson
[2011.09.25 17:47:49 | 000,027,632 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\seehcri.sys
[2011.09.25 16:24:15 | 000,000,000 | ---D | C] -- D:\SYSTEM\Plocha\foto x10 mini pro
[2011.09.24 20:40:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Balca\Data aplikací\DVDVideoSoft
[2011.09.24 20:40:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\DVDVideoSoft
[2011.09.24 20:40:04 | 000,000,000 | ---D | C] -- D:\SYSTEM\Dokumenty\DVDVideoSoft
[2011.09.24 20:40:04 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2011.09.24 20:40:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.10.22 12:49:22 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.22 12:43:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\SYSTEM\Plocha\OTL.exe
[2011.10.22 12:39:17 | 000,538,265 | ---- | M] () -- D:\SYSTEM\Plocha\PREZENTACE-MONITORY.odp
[2011.10.22 12:25:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.22 12:25:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.22 12:19:13 | 000,254,691 | ---- | M] () -- D:\SYSTEM\Plocha\lol.pdf
[2011.10.22 12:13:00 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-839522115-682003330-1004UA.job
[2011.10.22 09:23:43 | 000,186,097 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.10.22 09:23:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.10.21 20:22:27 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\Balca\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.21 18:53:57 | 000,559,682 | ---- | M] () -- D:\SYSTEM\Dokumenty\IMG.pdf
[2011.10.21 14:35:59 | 000,001,695 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2011.10.21 14:35:55 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.10.21 14:13:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-839522115-682003330-1004Core.job
[2011.10.20 16:14:56 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.10.17 18:10:47 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.10.17 10:24:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.10.16 16:38:25 | 000,612,535 | ---- | M] () -- D:\SYSTEM\Dokumenty\Fotografie6181.jpg
[2011.10.16 16:38:22 | 000,543,005 | ---- | M] () -- D:\SYSTEM\Dokumenty\Fotografie6180.jpg
[2011.10.16 16:38:18 | 000,625,438 | ---- | M] () -- D:\SYSTEM\Dokumenty\Fotografie6179.jpg
[2011.10.15 13:36:41 | 000,001,493 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ICQ7.6.lnk
[2011.10.14 15:18:55 | 113,205,998 | ---- | M] () -- D:\SYSTEM\Dokumenty\slade87_GinTonicSE_v2.3.9.zip
[2011.10.14 15:18:32 | 003,280,619 | ---- | M] () -- D:\SYSTEM\Dokumenty\X10+Mini+Pro_Zombie+Panic+Kernel+v1.6.3_slade87.ftf.zip
[2011.10.14 15:08:47 | 000,348,295 | ---- | M] () -- D:\SYSTEM\Dokumenty\modules_GinTonicSE_v2.1.zip
[2011.10.12 15:24:48 | 003,523,504 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.10.12 15:02:30 | 000,435,718 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.10.12 15:02:30 | 000,432,600 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.10.12 15:02:30 | 000,079,564 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.10.12 15:02:30 | 000,068,614 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.10.09 14:37:37 | 000,000,223 | -HS- | M] () -- C:\boot.ini
[2011.10.06 20:13:52 | 000,002,125 | ---- | M] () -- D:\SYSTEM\Plocha\Google Chrome.lnk
[2011.10.03 10:31:24 | 005,971,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2011.10.01 17:28:31 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\Defrag Job #00.job
[2011.09.27 21:10:24 | 166,307,382 | ---- | M] () -- D:\SYSTEM\Plocha\2011Chorvatsko.7z
[2011.09.27 16:11:36 | 000,001,410 | ---- | M] () -- D:\SYSTEM\Plocha\Counter-Strike 1.6.lnk
[2011.09.27 16:11:36 | 000,001,360 | ---- | M] () -- D:\SYSTEM\Plocha\Half-Life.lnk
[2011.09.26 11:41:42 | 000,613,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uiautomationcore.dll
[2011.09.26 11:41:42 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oleaccrc.dll
[2011.09.26 11:41:42 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaccrc.dll
[2011.09.26 11:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleacc.dll
[2011.09.25 17:49:06 | 000,000,762 | ---- | M] () -- D:\SYSTEM\Plocha\Update Service.lnk
[2011.09.25 17:47:49 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\seehcri.sys
[2011.09.25 15:43:39 | 000,720,020 | ---- | M] () -- D:\SYSTEM\Plocha\Prezentace-monitory-ICT.pdf
[2011.09.24 20:40:07 | 000,000,841 | ---- | M] () -- D:\SYSTEM\Plocha\Free Video Flip and Rotate.lnk
[2011.09.24 20:40:07 | 000,000,756 | ---- | M] () -- D:\SYSTEM\Plocha\DVDVideoSoft Free Studio.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.10.22 12:49:22 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.22 12:19:12 | 000,254,691 | ---- | C] () -- D:\SYSTEM\Plocha\lol.pdf
[2011.10.22 10:07:52 | 000,538,265 | ---- | C] () -- D:\SYSTEM\Plocha\PREZENTACE-MONITORY.odp
[2011.10.21 18:53:56 | 000,559,682 | ---- | C] () -- D:\SYSTEM\Dokumenty\IMG.pdf
[2011.10.21 14:35:59 | 000,001,695 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2011.10.16 16:38:20 | 000,612,535 | ---- | C] () -- D:\SYSTEM\Dokumenty\Fotografie6181.jpg
[2011.10.16 16:38:17 | 000,543,005 | ---- | C] () -- D:\SYSTEM\Dokumenty\Fotografie6180.jpg
[2011.10.16 16:38:14 | 000,625,438 | ---- | C] () -- D:\SYSTEM\Dokumenty\Fotografie6179.jpg
[2011.10.15 13:36:41 | 000,001,493 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ICQ7.6.lnk
[2011.10.14 15:18:29 | 003,280,619 | ---- | C] () -- D:\SYSTEM\Dokumenty\X10+Mini+Pro_Zombie+Panic+Kernel+v1.6.3_slade87.ftf.zip
[2011.10.14 15:17:40 | 113,205,998 | ---- | C] () -- D:\SYSTEM\Dokumenty\slade87_GinTonicSE_v2.3.9.zip
[2011.10.14 15:08:45 | 000,348,295 | ---- | C] () -- D:\SYSTEM\Dokumenty\modules_GinTonicSE_v2.1.zip
[2011.10.01 12:46:38 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.10.01 12:46:37 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\actskn43.ocx
[2011.09.27 21:09:43 | 166,307,382 | ---- | C] () -- D:\SYSTEM\Plocha\2011Chorvatsko.7z
[2011.09.27 16:11:36 | 000,001,410 | ---- | C] () -- D:\SYSTEM\Plocha\Counter-Strike 1.6.lnk
[2011.09.27 16:11:36 | 000,001,360 | ---- | C] () -- D:\SYSTEM\Plocha\Half-Life.lnk
[2011.09.25 17:49:06 | 000,000,762 | ---- | C] () -- D:\SYSTEM\Plocha\Update Service.lnk
[2011.09.25 15:43:38 | 000,720,020 | ---- | C] () -- D:\SYSTEM\Plocha\Prezentace-monitory-ICT.pdf
[2011.09.24 20:40:07 | 000,000,841 | ---- | C] () -- D:\SYSTEM\Plocha\Free Video Flip and Rotate.lnk
[2011.09.24 20:40:07 | 000,000,756 | ---- | C] () -- D:\SYSTEM\Plocha\DVDVideoSoft Free Studio.lnk
[2011.09.08 16:35:58 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Data aplikací\$_hpcst$.hpc
[2011.09.07 18:38:38 | 000,910,920 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
[2011.09.07 18:38:37 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2011.09.07 18:38:37 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2011.08.11 22:11:28 | 000,000,030 | ---- | C] () -- C:\WINDOWS\avp.ini
[2011.07.23 11:13:05 | 000,001,628 | ---- | C] () -- C:\WINDOWS\System32\.ini
[2011.07.21 12:06:20 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Balca\Data aplikací\NMM-MetaData.db
[2011.06.04 09:36:30 | 000,319,488 | R--- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe
[2011.05.26 17:27:07 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Balca\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.26 16:21:13 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.05.26 14:04:53 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Balca\Data aplikací\$_hpcst$.hpc
[2011.05.25 06:53:26 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2011.05.25 06:31:20 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011.05.25 06:31:20 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011.05.25 06:31:19 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.05.25 06:31:19 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.05.25 06:31:19 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.05.25 06:28:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.05.25 06:18:37 | 000,081,936 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011.05.25 06:08:30 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2011.05.25 06:08:29 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2011.05.25 06:08:29 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2011.05.25 06:08:29 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2011.05.25 06:08:29 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2011.05.25 06:08:29 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2011.05.25 06:08:29 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2011.05.25 06:08:27 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2011.05.25 06:08:27 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2011.05.24 09:17:47 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.05.24 09:15:12 | 003,523,504 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.05.24 07:42:41 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.05.24 07:39:42 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.11.26 21:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2006.03.02 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.03.02 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.02 14:00:00 | 000,435,718 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.02 14:00:00 | 000,432,600 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006.03.02 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.02 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2006.03.02 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.02 14:00:00 | 000,079,564 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006.03.02 14:00:00 | 000,068,614 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.02 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.02 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2006.03.02 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.02 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.02 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.03.02 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.02 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.12.07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll

========== LOP Check ==========

[2011.05.25 06:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Audacity
[2011.08.05 15:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\DAEMON Tools Lite
[2011.08.05 14:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Digiarty
[2011.10.21 21:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Dropbox
[2011.09.24 20:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\DVDVideoSoft
[2011.07.23 10:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\ESET
[2011.05.28 15:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\go
[2011.05.25 07:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Greenshot
[2011.10.16 10:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\ICQ
[2011.05.25 06:37:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\ImgBurn
[2011.07.21 12:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Nokia
[2011.07.22 10:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Nokia Multimedia Player
[2011.05.25 07:33:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\OpenOffice.org
[2011.07.29 13:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\OpenWith.org Cache
[2011.07.14 12:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\PC Suite
[2011.10.01 12:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Thinstall
[2011.10.21 20:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\uTorrent
[2011.10.21 14:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.05.27 14:52:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.07.12 10:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
[2011.06.05 18:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2011.10.21 14:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2011.10.15 13:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.07.14 12:39:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.07.14 12:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.07.24 21:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2011.08.09 09:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TrackMania
[2011.10.01 17:28:31 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\Defrag Job #00.job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Greenshot" = C:\Program Files\Greenshot\Greenshot.exe -- [2010.07.12 07:52:50 | 000,548,864 | ---- | M] ()
"Google Update" = "C:\Documents and Settings\Balca\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2011.05.25 07:10:24 | 000,136,176 | ---- | M] (Google Inc.)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -- [2006.11.13 16:50:20 | 001,289,000 | ---- | M] (Microsoft Corporation)
"AdobeBridge" =
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.10.13 09:27:14 | 017,351,304 | R--- | M] (Skype Technologies S.A.)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2011.09.14 19:57:44 | 000,039,408 | ---- | M] (Google Inc.)

< >

< MD5 for: AGP440.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\System32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\System32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\System32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\System32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\System32\autochk.exe
[2006.03.02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\System32\drivers\cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\System32\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2006.03.02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
[2008.04.14 08:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008.04.14 08:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\System32\csrss.exe

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\System32\eventlog.dll
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: FASTFAT.SYS >
[2006.03.02 14:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3117F595E9615E04F05A54FC15A03B20 -- C:\WINDOWS\$NtServicePackUninstall$\fastfat.sys
[2008.04.14 00:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\ServicePackFiles\i386\fastfat.sys
[2008.04.14 00:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\System32\drivers\fastfat.sys

< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\System32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.03.02 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\System32\ReinstallBackups\0007\DriverFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\System32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\System32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\System32\drivers\ndis.sys
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.03.02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\System32\netlogon.dll

< MD5 for: NTFS.SYS >
[2008.04.14 00:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008.04.14 00:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\System32\drivers\ntfs.sys
[2006.03.02 14:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys

< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\System32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2006.03.02 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\System32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\System32\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SMSS.EXE >
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\System32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2006.03.02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
[2010.08.17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\System32\spoolsv.exe
[2008.04.14 08:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
[2008.04.14 08:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\System32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\System32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\System32\drivers\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\System32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\System32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\System32\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2008.04.14 08:51:38 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008.04.14 08:51:38 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008.04.14 08:51:38 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008.04.14 08:51:38 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008.04.14 08:51:38 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008.04.14 08:51:38 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008.04.14 08:51:38 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2006.12.29 20:21:08 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2008.04.14 08:51:38 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008.04.14 08:51:38 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008.04.14 08:51:38 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008.04.14 08:51:38 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008.04.14 08:51:38 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008.04.14 08:51:40 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2007.04.02 21:36:04 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty
[2006.03.02 14:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2006.03.02 14:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2011.09.07 19:01:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2011.09.07 19:02:10 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2006.12.29 20:02:50 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2008.04.14 08:51:56 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008.04.14 08:52:06 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2011.10.21 14:35:55 | 000,002,552 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2011.10.17 18:10:47 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
[2011.10.22 09:23:43 | 000,186,097 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2011.05.24 09:14:15 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2011.05.24 09:14:15 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2011.05.24 09:14:15 | 000,499,712 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[9 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[36 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2011.05.24 09:17:25 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2010.03.01 23:44:10 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\java-rmi.exe
[2010.03.01 23:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\java.exe
[2010.03.01 23:44:10 | 000,059,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\javacpl.exe
[2010.03.01 23:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\javaw.exe
[2010.03.01 23:44:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\javaws.exe
[2010.03.01 23:44:12 | 000,079,648 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\jbroker.exe
[2010.03.01 23:44:12 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\jp2launcher.exe
[2010.03.01 23:44:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\jqs.exe
[2010.03.01 23:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\jqsnotify.exe
[2010.03.01 23:44:12 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\jucheck.exe
[2010.03.01 23:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\jureg.exe
[2010.03.01 23:44:14 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\jusched.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\keytool.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\kinit.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\klist.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\ktab.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\orbd.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\pack200.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\policytool.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\rmid.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\rmiregistry.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\servertool.exe
[2010.03.01 23:44:14 | 000,030,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\ssvagent.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\tnameserv.exe
[2010.03.01 23:44:14 | 000,132,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\CS5\jre\bin\unpack200.exe
[2011.05.28 15:32:48 | 000,423,296 | ---- | M] (EasyBits Software AS) -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\EasyBitsGO.exe
[2011.05.28 15:32:49 | 000,014,208 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\ezShell64Run.exe
[2011.05.28 15:32:50 | 000,718,208 | ---- | M] (EasyBits Media) -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\Svc\GOUpdate.exe
[2007.04.02 06:45:08 | 044,338,384 | R--- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_EA.exe
[2011.07.14 12:39:58 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstCCD.exe
[2011.07.14 12:39:58 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCS.exe
[2011.07.14 12:39:58 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
[2011.09.18 17:27:39 | 000,154,744 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Documents and Settings\All Users\Data Aplikací\Sony Ericsson\Update Engine\configuration\org.eclipse.osgi\bundles\88\1\.cp\lib\win32\DeviceRemover.exe
[2011.09.18 17:27:28 | 000,158,840 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Documents and Settings\All Users\Data Aplikací\Sony Ericsson\Update Engine\configuration\org.eclipse.osgi\bundles\90\1\.cp\lib\win32\DriverInstaller.exe

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

Balca · #14 Příspěvek od **Balca** » 22 říj 2011 12:11

< %APPDATA%\*. >
[2011.07.29 15:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Adobe
[2011.05.25 06:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Audacity
[2011.08.05 15:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\DAEMON Tools Lite
[2011.08.05 14:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Digiarty
[2011.10.21 21:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Dropbox
[2011.09.24 20:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\DVDVideoSoft
[2011.07.23 10:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\ESET
[2011.05.28 15:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\go
[2011.05.25 07:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Google
[2011.05.25 07:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Greenshot
[2011.10.16 10:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\ICQ
[2011.05.24 08:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Identities
[2011.05.25 06:37:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\ImgBurn
[2011.05.25 06:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Macromedia
[2011.07.23 21:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Malwarebytes
[2011.10.20 16:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Media Player Classic
[2011.07.27 14:42:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Balca\Data aplikací\Microsoft
[2011.10.01 21:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Mozilla
[2011.07.21 12:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Nokia
[2011.07.22 10:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Nokia Multimedia Player
[2011.05.25 07:33:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\OpenOffice.org
[2011.07.29 13:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\OpenWith.org Cache
[2011.07.14 12:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\PC Suite
[2011.10.22 12:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Skype
[2011.07.10 13:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\skypePM
[2011.05.25 07:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Sun
[2011.10.01 12:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\Thinstall
[2011.10.21 20:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\uTorrent
[2011.10.16 15:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\vlc
[2011.05.27 15:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Balca\Data aplikací\WinRAR

< %APPDATA%\*.* >
[2011.05.26 14:04:53 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\Balca\Data aplikací\$_hpcst$.hpc
[2011.05.24 09:17:25 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Balca\Data aplikací\desktop.ini
[2011.07.21 12:06:20 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\Balca\Data aplikací\NMM-MetaData.db

< %APPDATA%\*.exe /s >
[2011.05.25 22:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Balca\Data aplikací\Dropbox\bin\Dropbox.exe
[2011.05.25 22:07:18 | 000,174,784 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Balca\Data aplikací\Dropbox\bin\Uninstall.exe
[2011.07.24 21:17:05 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Balca\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.06.05 17:35:43 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Balca\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.10.01 12:53:57 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\Balca\Data aplikací\Thinstall\STDU Converter version 1.0.85.0\40000017200002i\AcroRd32.exe

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-09-28 10:20:13

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"StateIndex" = 0

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.22 12:49:22 | 000,000,512 | ---- | M] () MD5=0DE1112662A555B396F26D8C56510592 -- C:\PhysicalMBR.bin

< End of report >

#15 Příspěvek od **motji** » 22 říj 2011 18:37

Jak tak koukám, vezmeme to raději přes combofix

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-souhlaste s instalací konzole pro zotavení

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

VIRY.CZ

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu