
Requesting a check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, I'd like to ask for a check. Thanks
Logfile of random's system information tool 1.09 (written by random/random)
Run by HellRiser at 2011-12-26 12:03:32
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (4%) free of 38 GB
Total RAM: 3071 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:03:44, on 26.12.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\windows\RTHDCPL.EXE
C:\windows\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\AVEO\AveoCap\AveoSTI.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\UnlockerAssistant.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mouse Driver\KMWDSrv.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\Program Files\System Control Manager\edd.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\windows\system32\PnkBstrA.exe
C:\windows\System32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\windows\system32\wscntfy.exe
C:\windows\System32\svchost.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\HellRiser\Plocha\RSIT.exe
C:\Program Files\Trend Micro\HellRiser.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz2.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [AveoSTI.exe] C:\Program Files\AVEO\AveoCap\AveoSTI.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download by VersalSoft Internet Download - C:\Program Files\VersalSoft\InternetDownload\adddownload.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify: cryptnet32 - cryptnet32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 12823 bytes
======Scheduled tasks folder======
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\HellRiser\Data aplikací\Mozilla\Firefox\Profiles\e5uo4imy.default
prefs.js - "browser.startup.homepage" - "http://www.facebook.com/?ref=home"
prefs.js - "extensions.enabledItems" - "jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2008-10-28 503808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4322A444-92F8-4C3E-BD4C-013BA51E2871}]
E-Zsoft VideoDownloaderToolBar - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll [2009-01-05 43008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuz2.dll [2010-10-18 3908192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2008-10-28 503808]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]
{4322A444-92F8-4C3E-BD4C-013BA51E2871} - E-Zsoft VideoDownloaderToolBar - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll [2009-01-05 43008]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuz2.dll [2010-10-18 3908192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-20 8462336]
"nwiz"=nwiz.exe /install []
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2007-10-16 16855552]
"AGRSMMSG"=C:\windows\AGRSMMSG.exe [2006-06-29 89541]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-09-15 815104]
"MGSysCtrl"=C:\Program Files\System Control Manager\MGSysCtrl.exe [2007-10-19 180224]
"AveoSTI.exe"=C:\Program Files\AVEO\AveoCap\AveoSTI.exe [2007-11-06 24576]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-01-20 217088]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2029640]
"KMCONFIG"=C:\Program Files\Mouse Driver\StartAutorun.exe [2007-03-06 212992]
"UnlockerAssistant"=C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\UnlockerAssistant.exe [2010-07-04 17408]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2004-08-17 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2011-01-22 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InternetDownload_upgrade]
C:\Program Files\VersalSoft\InternetDownload\InternetDownload.exe [2009-01-05 361472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet32]
cryptnet32.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-08-24 133120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\CyberLink\PowerDirector Express\PDX.exe"="C:\Program Files\CyberLink\PowerDirector Express\PDX.exe:*:Enabled:CyberLink PowerDirector Express"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Java\jre1.6.0_07\launch4j-tmp\JDownloader.exe"="C:\Program Files\Java\jre1.6.0_07\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\dc++\StrongDC.exe"="E:\dc++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe"="C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Hry\NHL08\nhl2008.exe"="E:\Hry\NHL08\nhl2008.exe:*:Enabled:nhl2008"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"E:\Hry\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe"="E:\Hry\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Landwirtschafts Simulator 2011"
"E:\Hry\Landwirtschafts Simulator 2011\game.exe"="E:\Hry\Landwirtschafts Simulator 2011\game.exe:*:Enabled:Landwirtschafts Simulator 2011"
"E:\Hry\Farming Simulator 2011\FarmingSimulator2011.exe"="E:\Hry\Farming Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Farming Simulator 2011"
"E:\Hry\Farming Simulator 2011\game.exe"="E:\Hry\Farming Simulator 2011\game.exe:*:Enabled:Farming Simulator 2011"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\windows\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"vidc.iv41"=ir41_32.ax
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"vidc.XVID"=xvidvfw.dll
"SENTINEL"=snti386.dll
"msacm.vorbis"=vorbis.acm
"VIDC.DIVX"=divx.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\windows\system32\vp6vfw.dll
"vidc.VP61"=C:\windows\system32\vp6vfw.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.scr - open - "C:\windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2011-11-27 12:50:23 ----D---- C:\USB firemne
2011-11-27 09:47:52 ----D---- C:\NHL2012
======List of files/folders modified in the last 1 month======
2011-12-26 12:03:38 ----D---- C:\windows\temp
2011-12-26 12:03:34 ----D---- C:\Program Files\Trend Micro
2011-12-25 12:13:41 ----A---- C:\windows\wincmd.ini
2011-12-24 15:36:52 ----D---- C:\windows\Prefetch
2011-12-24 11:54:57 ----D---- C:\Program Files\Mozilla Firefox
2011-12-23 15:06:55 ----D---- C:\Documents and Settings\HellRiser\Data aplikací\Skype
2011-12-23 15:05:41 ----D---- C:\windows\system32\CatRoot2
2011-12-23 11:58:45 ----A---- C:\windows\SchedLgU.Txt
2011-12-10 16:04:37 ----D---- C:\Program Files\Opera
2011-12-06 21:41:51 ----SHD---- C:\windows\Installer
2011-12-06 21:41:29 ----RD---- C:\Program Files\Skype
2011-12-06 21:41:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 O2SDRDR;O2SDRDR; C:\windows\system32\DRIVERS\o2sd.sys [2007-04-02 35712]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\windows\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\windows\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfhlp01;StarForce Protection Helper Driver; C:\windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sonyhcb;Sony Digital Imaging Base; C:\windows\system32\DRIVERS\sonyhcb.sys [2001-11-05 6097]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2008-09-18 717296]
R0 TPkd;TPkd; C:\windows\system32\drivers\TPkd.sys [2008-09-08 93232]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdi;epfwtdi; C:\windows\system32\DRIVERS\epfwtdi.sys [2009-05-14 55768]
R1 intelppm;Řadič procesoru Intel; C:\windows\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2008-01-20 33292]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 acedrv11;acedrv11; \??\C:\windows\system32\drivers\acedrv11.sys []
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2008-09-25 279712]
R2 cvintdrv;cvintdrv; C:\windows\system32\drivers\cvintdrv.sys [2006-07-27 4096]
R2 eamon;eamon; C:\windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2008-09-25 25888]
R2 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 SBKUPNT;SBKUPNT; \??\C:\windows\system32\Drivers\SBKUPNT.SYS []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\System32\DRIVERS\AGRSM.sys [2006-06-29 1160320]
R3 Arp1394;Protokol 1394 ARP Client; C:\windows\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 Epfwndis;Eset Personal Firewall; C:\windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\windows\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\windows\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2007-10-16 4615168]
R3 KMWDFilter;KMWDFilter; \??\C:\windows\System32\Drivers\KMWDFilter.SYS []
R3 MGHwCtrl;MGHwCtrl; \??\C:\WINDOWS\System32\drivers\MGHwCtrl.sys []
R3 mouhid;Ovladač myši standardu HID; C:\windows\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\windows\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\windows\System32\DRIVERS\nv4_mini.sys [2007-06-20 6804416]
R3 pfc;Padus ASPI Shell; C:\windows\system32\drivers\pfc.sys [2008-09-18 10368]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\windows\System32\DRIVERS\Rtenicxp.sys [2007-09-19 101504]
R3 sdbus;sdbus; C:\windows\System32\DRIVERS\sdbus.sys [2004-08-03 67584]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\System32\DRIVERS\SynTP.sys [2006-09-15 199104]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S0 O2MDRDR;O2MDRDR; C:\windows\system32\DRIVERS\o2media.sys [2007-04-03 39680]
S2 Sentinel;Sentinel; C:\windows\System32\Drivers\SENTINEL.SYS [2008-02-21 64512]
S3 aignj5dr;aignj5dr; C:\windows\system32\drivers\aignj5dr.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\windows\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
S3 CCDECODE;Dekodér Closed Caption; C:\windows\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2007-05-26 100992]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\windows\system32\DRIVERS\NETw4x32.sys [2007-06-20 2208512]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PortTalk;PortTalk; C:\windows\System32\Drivers\PortTalk.sys [2002-01-12 3567]
S3 pwdrvio;pwdrvio; \??\C:\windows\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\windows\system32\pwdspio.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\windows\system32\DRIVERS\sffdisk.sys [2004-08-03 11136]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\windows\system32\DRIVERS\sffp_sd.sys [2004-08-03 10240]
S3 SliceDisk5;SliceDisk5; \??\C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\FindAndMount\slicedisk.sys []
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 sonyhcs;Sony Digital Imaging Video; C:\windows\system32\DRIVERS\sonyhcs.sys [2001-11-05 299923]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\windows\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2006-11-30 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2006-10-05 73600]
S3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2006-11-22 53504]
S3 tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2006-10-27 40960]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\windows\system32\DRIVERS\w29n51.sys [2007-04-04 2210048]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\windows\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-05-14 731840]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Mouse Driver\KMWDSrv.exe [2007-04-05 208896]
R2 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\system32\lkcitdl.exe [2006-06-19 688190]
R2 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\system32\lkads.exe [2006-07-25 45056]
R2 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\system32\lktsrv.exe [2006-07-25 57344]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2006-07-25 200704]
R2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2006-03-22 40960]
R2 niSvcLoc;NI Service Locator; C:\WINDOWS\system32\nisvcloc.exe [2006-02-06 49152]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2007-06-20 155716]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2010-04-13 66872]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 77824]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2004-08-17 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-02 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-07-26 72704]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-02-16 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-02 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NILM License Manager;NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2006-06-27 1007616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-01-27 117264]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024]
-----------------EOF-----------------
"E:\Hry\Farming Simulator 2011\game.exe"="E:\Hry\Farming Simulator 2011\game.exe:*:Enabled:Farming Simulator 2011"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\windows\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"vidc.iv41"=ir41_32.ax
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"vidc.XVID"=xvidvfw.dll
"SENTINEL"=snti386.dll
"msacm.vorbis"=vorbis.acm
"VIDC.DIVX"=divx.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\windows\system32\vp6vfw.dll
"vidc.VP61"=C:\windows\system32\vp6vfw.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.scr - open - "C:\windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2011-11-27 12:50:23 ----D---- C:\USB firemne
2011-11-27 09:47:52 ----D---- C:\NHL2012
======List of files/folders modified in the last 1 month======
2011-12-26 12:03:38 ----D---- C:\windows\temp
2011-12-26 12:03:34 ----D---- C:\Program Files\Trend Micro
2011-12-25 12:13:41 ----A---- C:\windows\wincmd.ini
2011-12-24 15:36:52 ----D---- C:\windows\Prefetch
2011-12-24 11:54:57 ----D---- C:\Program Files\Mozilla Firefox
2011-12-23 15:06:55 ----D---- C:\Documents and Settings\HellRiser\Data aplikací\Skype
2011-12-23 15:05:41 ----D---- C:\windows\system32\CatRoot2
2011-12-23 11:58:45 ----A---- C:\windows\SchedLgU.Txt
2011-12-10 16:04:37 ----D---- C:\Program Files\Opera
2011-12-06 21:41:51 ----SHD---- C:\windows\Installer
2011-12-06 21:41:29 ----RD---- C:\Program Files\Skype
2011-12-06 21:41:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 O2SDRDR;O2SDRDR; C:\windows\system32\DRIVERS\o2sd.sys [2007-04-02 35712]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\windows\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\windows\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfhlp01;StarForce Protection Helper Driver; C:\windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sonyhcb;Sony Digital Imaging Base; C:\windows\system32\DRIVERS\sonyhcb.sys [2001-11-05 6097]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2008-09-18 717296]
R0 TPkd;TPkd; C:\windows\system32\drivers\TPkd.sys [2008-09-08 93232]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdi;epfwtdi; C:\windows\system32\DRIVERS\epfwtdi.sys [2009-05-14 55768]
R1 intelppm;Řadič procesoru Intel; C:\windows\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2008-01-20 33292]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 acedrv11;acedrv11; \??\C:\windows\system32\drivers\acedrv11.sys []
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2008-09-25 279712]
R2 cvintdrv;cvintdrv; C:\windows\system32\drivers\cvintdrv.sys [2006-07-27 4096]
R2 eamon;eamon; C:\windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2008-09-25 25888]
R2 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 SBKUPNT;SBKUPNT; \??\C:\windows\system32\Drivers\SBKUPNT.SYS []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\System32\DRIVERS\AGRSM.sys [2006-06-29 1160320]
R3 Arp1394;Protokol 1394 ARP Client; C:\windows\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 Epfwndis;Eset Personal Firewall; C:\windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\windows\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\windows\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2007-10-16 4615168]
R3 KMWDFilter;KMWDFilter; \??\C:\windows\System32\Drivers\KMWDFilter.SYS []
R3 MGHwCtrl;MGHwCtrl; \??\C:\WINDOWS\System32\drivers\MGHwCtrl.sys []
R3 mouhid;Ovladač myši standardu HID; C:\windows\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\windows\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\windows\System32\DRIVERS\nv4_mini.sys [2007-06-20 6804416]
R3 pfc;Padus ASPI Shell; C:\windows\system32\drivers\pfc.sys [2008-09-18 10368]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\windows\System32\DRIVERS\Rtenicxp.sys [2007-09-19 101504]
R3 sdbus;sdbus; C:\windows\System32\DRIVERS\sdbus.sys [2004-08-03 67584]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\System32\DRIVERS\SynTP.sys [2006-09-15 199104]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S0 O2MDRDR;O2MDRDR; C:\windows\system32\DRIVERS\o2media.sys [2007-04-03 39680]
S2 Sentinel;Sentinel; C:\windows\System32\Drivers\SENTINEL.SYS [2008-02-21 64512]
S3 aignj5dr;aignj5dr; C:\windows\system32\drivers\aignj5dr.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\windows\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
S3 CCDECODE;Dekodér Closed Caption; C:\windows\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2007-05-26 100992]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\windows\system32\DRIVERS\NETw4x32.sys [2007-06-20 2208512]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PortTalk;PortTalk; C:\windows\System32\Drivers\PortTalk.sys [2002-01-12 3567]
S3 pwdrvio;pwdrvio; \??\C:\windows\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\windows\system32\pwdspio.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\windows\system32\DRIVERS\sffdisk.sys [2004-08-03 11136]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\windows\system32\DRIVERS\sffp_sd.sys [2004-08-03 10240]
S3 SliceDisk5;SliceDisk5; \??\C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\FindAndMount\slicedisk.sys []
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 sonyhcs;Sony Digital Imaging Video; C:\windows\system32\DRIVERS\sonyhcs.sys [2001-11-05 299923]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\windows\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2006-11-30 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2006-10-05 73600]
S3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2006-11-22 53504]
S3 tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2006-10-27 40960]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\windows\system32\DRIVERS\w29n51.sys [2007-04-04 2210048]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\windows\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-05-14 731840]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Mouse Driver\KMWDSrv.exe [2007-04-05 208896]
R2 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\system32\lkcitdl.exe [2006-06-19 688190]
R2 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\system32\lkads.exe [2006-07-25 45056]
R2 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\system32\lktsrv.exe [2006-07-25 57344]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2006-07-25 200704]
R2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2006-03-22 40960]
R2 niSvcLoc;NI Service Locator; C:\WINDOWS\system32\nisvcloc.exe [2006-02-06 49152]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2007-06-20 155716]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2010-04-13 66872]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 77824]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2004-08-17 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-02 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-07-26 72704]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-02-16 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-02 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NILM License Manager;NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2006-06-27 1007616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-01-27 117264]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024]
-----------------EOF-----------------
Re: Request for a check
Hello, and I wish you a nice afternoon.
I would also ask for the second RSIT log, named info.txt; it is saved in c:\rsit
You are missing Service Pack 3, which fixes many bugs and problems.
Download CKScanner to your desktop
And I would ask for one more log - instructions as given by a colleague

- Run it and click Search for files
- When the scan finishes, click Save List to File and then OK
- A log named ckfiles.txt will be created on your desktop; paste its contents here for me

Caroprd111 wrote: Download and run WVCheck.exe or WVCheck.zip
- Press "Enter".
- The program will start scanning the PC; the length of the scan depends on the number (size) of files, but it usually takes no longer than 5 minutes.
- When the scan finishes, a log will pop up; paste it into the topic. The log is also saved on the desktop.
Re: Request for a check
info.txt logfile of random's system information tool 1.08 2011-02-20 02:23:58
======Uninstall list======
DSound Simple Audio Pack 1 v2.4 - OxYGeN -->C:\Audio\SIMPLE~1\UNWISE.EXE C:\Audio\SIMPLE~1\INSTALL.LOG
-->"C:\Program Files\WildGames\John Deere Drive Green\Uninstall.exe"
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {3C3813E1-C370-4F32-9639-8B43C7C780CD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040E-0000-0000000FF1CE} /uninstall {685D17E5-D868-4A77-B58E-255DEBA78262}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {F67648A4-713E-4298-BBAD-A83D8283B0F3}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-041B-0000-0000000FF1CE} /uninstall {FE295FA2-72FC-4859-85B3-0E6685DB13A4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
7-Zip 9.20-->"C:\Program Files\7-Zip\Uninstall.exe"
ABBYY FineReader 8.0 Professional Edition-->MsiExec.exe /I{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}
ACDSee Pro-->MsiExec.exe /I{F99F74B4-972B-4B06-B893-6B3B0DB0128B}
Active@ Partition Manager-->"C:\Program Files\InstallShield Installation Information\{A98E3354-AD08-427C-A0AC-32221A3E6598}\setup.exe" -runfromtemp -l0x0009 -removeonly
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Audition 3.0-->msiexec /I {53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}
Adobe Flash Player 10 ActiveX-->C:\windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Shockwave Player 11.5-->"C:\windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Agere Systems HDA Modem-->agrsmdel
Aln Valley for BVE 4-->C:\Program Files\bve4\Uninstal.exe
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Auto Gordian Knot 2.55-->C:\Program Files\AutoGK\uninst.exe
AutoCAD 2007 - Český-->MsiExec.exe /I{5783F2D7-5001-0405-0002-0060B0CE6BBA}
Autodesk DWF Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove /q0
AveoCap-->C:\Program Files\InstallShield Installation Information\{5B73A65F-746A-4D50-B694-BA6A8DF6BC76}\setup.exe -runfromtemp -l0x0009 -removeonly
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
BS.Player PRO-->"C:\Program Files\Webteh\BSplayerPro\uninstall.exe"
BSPlayer-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
BVE 4-->MsiExec.exe /I{E52382DC-2E7A-439D-8ECE-A27D8B816645}
BVE Uchibo Line-->MsiExec.exe /I{9BD8D527-A96C-46DB-B076-48D34189B372}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDex extraction audio-->"C:\Program Files\CDex_170b2\uninstall.exe"
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
CompuApps SwissKnife V3-->C:\WINDOWS\ISUNINST.EXE -fC:\SWISNIFE\SKUninst.ISU -cC:\SWISNIFE\SKUNINST.DLL
CorelDRAW Graphics Suite 11-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{07A540AB-D785-11D5-8E89-0090275862A0}
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
DDR - Pen Drive Recovery (DEMO) 4.0.1.6-->C:\windows\UnDeploy.exe "C:\Program Files\DDR - Pen Drive Recovery (DEMO)\Deploy.log"
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Doplnok Microsoft Save as PDF or XPS pre programy balíka 2007 Microsoft Office-->MsiExec.exe /X{90120000-00B2-041B-0000-0000000FF1CE}
DSound Promo (AW1)-->C:\windows\IsUninst.exe -f"C:\Program Files\DSound\Promo\Uninst.isu"
DSound Stomp'n FX Vol.2 v1.0-->C:\Audio\STOMPN~1\UNWISE.EXE C:\Audio\STOMPN~1\INSTALL.LOG
Emagic EVP73 VSTi v1.0-->C:\PROGRA~1\STEINB~1\VSTPLU~1\emagic\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\emagic\INSTALL.LOG
EZdrummer-->MsiExec.exe /I{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}
EZXDfh-->MsiExec.exe /I{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}
FL Studio 7-->C:\Program Files\Image-Line\FL Studio 7\uninstall.exe
Fraps-->"C:\Fraps\uninstall.exe"
Free 3GP Video Converter version 3.7.18-->"C:\Program Files\DVDVideoSoft\Free 3GP Video Converter\unins000.exe"
Free Sound Recorder v6.7-->"C:\Program Files\Free Sound Recorder\unins000.exe"
Free Video to MP3 Converter version 3.2-->"C:\Program Files\DVDVideoSoft\Free Video to MP3 Converter\unins000.exe"
Freelancer-->"E:\hry\Freelancer\UNINSTAL.EXE" /runtemp /addremove
FreeOCR.net v2.1-->"C:\Program Files\FreeOCRnet\unins000.exe"
Freeware HTI PDF Creator 4.0-->"C:\Program Files\InstallShield Installation Information\{BEAB106B-2569-451F-974A-47ED3BEBC816}\setup.exe" -runfromtemp -l0x0409 -removeonly
Freeware HTI PDF Creator 4.0-->MsiExec.exe /I{BEAB106B-2569-451F-974A-47ED3BEBC816}
Google Earth Plug-in-->MsiExec.exe /X{171E6C1E-B5FC-11DF-B115-005056C00008}
Google Earth Pro-->MsiExec.exe /X{9578C0CD-8108-4379-9026-4601F59859A0}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe"
HD Tune 2.55-->"C:\Program Files\HD Tune\unins000.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXP$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HI-TECH C51-lite V9.60PL0-->"C:\Program Files\HI-TECH Software\HC51\lite\9.60\resources\setup.exe"
HI-TECH PICC lite V9.60PL0-->"C:\Program Files\HI-TECH Software\PICC\lite\9.60\resources\setup.exe"
Hitman: Contracts-->E:\Hry\HITMAN~2\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
HP USB Disk Storage Format Tool-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}\Setup.exe" -l0x9 anything
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Interlok driver setup x32-->MsiExec.exe /X{25613C10-27D2-410B-942B-D922D5C3A7BE}
Internet Explorer-->MsiExec.exe /I{8A3F7D5D-8A53-4A7C-B6DA-22DD1212EB55}
inTone Guitar Demo 1.1.3-->"C:\Program Files\Audiffex\inTone Guitar Demo\unins000.exe"
Java 2 Runtime Environment, SE v1.4.2_19-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142190}
Java 2 SDK, SE v1.4.2_19-->MsiExec.exe /I{35A3A4F4-B792-11D6-A78A-00B0D0142190}
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K-Lite Mega Codec Pack 5.1.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Last.fm 1.5.4.27091-->"C:\Program Files\Last.fm\unins000.exe"
Macromedia Flash Player 8-->RunDll32 advpack.dll,LaunchINFSection C:\windows\INF\swflash.inf,DefaultUninstall,5
Marsu-Fix 2.5-->"C:\windows\Marsu-Fix 2.5 Uninstaller.exe"
MediaShow-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe" -uninstall
Mercury 1-->C:\PROGRA~1\TCWorks\Mercury\UNWISE.EXE C:\PROGRA~1\TCWorks\Mercury\INSTALL.LOG
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack - CSY-->C:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - CSY\install.exe
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->C:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Access MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0015-041B-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0016-041B-0000-0000000FF1CE}
Microsoft Office Groove MUI (Slovak) 2007-->MsiExec.exe /X{90120000-00BA-041B-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0044-041B-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Slovak) 2007-->MsiExec.exe /X{90120000-00A1-041B-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001A-041B-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0018-041B-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007-->MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2007-->MsiExec.exe /X{90120000-002C-041B-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0019-041B-0000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2007-->MsiExec.exe /X{90120000-006E-041B-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001B-041B-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\windows\$NtUninstallWudf01007$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
Microsoft Visual C++ Run Time Lib Setup-->MsiExec.exe /X{AAF4238F-7C29-451D-9925-C753271A5728}
Mobile Connect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}\setup.exe" -l0x9 -removeonly
MOTORM4X-->"E:\hry\MOTORM4X Offroad Extreme\uninstall.exe"
Mouse Driver-->C:\Program Files\InstallShield Installation Information\{55BFC356-5A7B-482F-A213-9ACFDDFF6037}\setup.exe -runfromtemp -l0x0409
Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
National Instruments Software-->"C:\Program Files\National Instruments\Shared\NIUninstaller\uninst.exe"
Native Instruments B4 v1.11-->C:\PROGRA~1\NATIVE~1\B4\UNWISE.EXE C:\PROGRA~1\NATIVE~1\B4\INSTALL.LOG
Native Instruments Battery v1.0-->C:\PROGRA~1\NATIVE~1\Battery\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Battery\INSTALL.LOG
Native Instruments FM7-->C:\PROGRA~1\NATIVE~1\Fm7\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Fm7\INSTALL.LOG
Native Instruments Pro52 v2.5-->C:\PROGRA~1\NATIVE~1\Pro52\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Pro52\INSTALL.LOG
Nero 8-->MsiExec.exe /X{6F8A555E-F2E1-415D-AD8A-67C0A7671051}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NHL® 08-->MsiExec.exe /X{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}
NI EULA Depot-->MsiExec.exe /I{0BEA337D-71D0-44C7-A575-932612A00908}
NI MDF Support-->MsiExec.exe /I{53FE1175-1B37-4677-924C-62AFFCC83800}
Nokia Series 40 Theme Studio 2.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{138B53E6-34D8-45FF-89D7-1D54A44FA355}\setup.exe" -l0x9 -removeonly
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
NVIDIA GAME System Software 2.8.1-->MsiExec.exe /I{4F0C7CCF-5666-474B-B02E-AC514A95EC93}
NVIDIA PhysX SDK 2.8.1-->MsiExec.exe /I{83012AA4-027F-3721-A0C5-0D31FD58C5DF}
NVIDIA PhysX-->MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
O2Micro Flash Memory Card Reader Driver Installer(x86)-->MsiExec.exe /X{78764173-3805-4916-B3CE-B433702B8870}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
Opera 11.01-->"C:\Program Files\Opera\Opera.exe" /uninstall
Oprava Hotfix systému Windows XP (KB909095)-->"C:\windows\$NtUninstallKB909095$\spuninst\spuninst.exe"
PaperPort-->MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064}
PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037}
PhotoNow! 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" -uninstall
PowerBackup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\setup.exe" -uninstall
PowerDirector Express-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EDE721EC-870A-11D8-9D75-000129760D75}\setup.exe" -uninstall
PowerDVD Copy-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\setup.exe" -uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
ProtectDisc Driver, Version 11-->C:\Program Files\ProtectDisc Driver Installer\uninstall_v11.exe
PunkBuster Services-->C:\windows\system32\pbsvc.exe -u
QIP 2005 Uninstall-->"C:\Program Files\QIP\unqip.exe"
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x001b -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x1b -removeonly
redist-->MsiExec.exe /I{153C7D89-9CF4-4719-A551-C5BF45236DB5}
rgcAudio z3ta+ v1.0-->C:\PROGRA~1\RGCAUD~1\Z3TA_~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\RGCAUD~1\Z3TA_~1\UNINST~1\INSTALL.LOG
ROCK AMP LEGENDS RTAS-->MsiExec.exe /I{89791B88-770B-4B4C-B759-BDC0DB3C7AC5}
ROCK AMP LEGENDS VST-->MsiExec.exe /I{B46C4F2E-8029-4004-B247-A8EA7E726972}
SH3cz verze 1.1 final-->"C:\Program Files\Ubisoft\Silent Hunter 3 čeština\unins000.exe"
Silent Hunter III-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7} /l1033
Space Synthesizer 1.2b-->"C:\Program Files\SpaceSynthesizer\uninst\unins000.exe"
Splash Beta-->MsiExec.exe /I{C941EC7F-1D8A-48B6-951C-FD5BE031B876}
Steinberg Cubase SX 1.01-->C:\PROGRA~1\STEINB~1\CUBASE~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\INSTALL.LOG
Steinberg VoiceMachine v1.0-->C:\PROGRA~1\STEINB~1\VSTPLU~1\STEINB~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\STEINB~1\INSTALL.LOG
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Control Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe" -l0x9 -removeonly
The Plan-->"E:\hry\The Plan\unins000.exe"
Theme Creator Pro 3.1.260 SR-1-->"C:\Program Files\SESoftware\Theme Creator Pro 3G\unins000.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Unlocker 1.9.0-->C:\Program Files\Unlocker\uninst.exe
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VCD Menu Lite 2.00-->"C:\Program Files\Briggs Softworks\VCD Menu Lite\unins000.exe"
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VDownloader 3.0.712-->"C:\Program Files\VDownloader\unins000.exe"
Versal FileDownload ActiveX Control Trial Version-->C:\Program Files\Universal\UFileDownloadD\USetup.exe
VirtualBus A6C RC3-->"E:\hry\VirtualBus\unins000.exe"
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"
Vuze_Remote Toolbar-->C:\PROGRA~1\VUZE_R~1\UNWISE.EXE /U C:\PROGRA~1\VUZE_R~1\INSTALL.LOG
Vuze-->C:\Program Files\Vuze\uninstall.exe
Waldorf.PPG.Wave2.V-OxYGeN-->C:\Audio\Waldorf\UNWISE.EXE C:\Audio\Waldorf\INSTALL.LOG
Warp VST V1.0-->C:\PROGRA~1\STEINB~1\VSTPLU~1\WARPVS~1.0\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\WARPVS~1.0\INSTALL.LOG
WildTangent Games-->"C:\Program Files\WildGames\Uninstall.exe"
Winamp Toolbar for Firefox-->"\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"
Winamp Toolbar for Internet Explorer-->"C:\Program Files\Winamp Toolbar\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
WinDjView 1.0.3-->C:\Program Files\WinDjView\uninstall.exe
Windows Imaging Component-->"C:\windows\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\windows\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinPcap 4.1.1-->"C:\Program Files\WinPcap\uninstall.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
World of Subways Vol.1-->C:\Program Files\InstallShield Installation Information\{891570B1-75CB-4281-8A00-742274F44973}\Setup.exe -runfromtemp -l0x0009 -removeonly
Xilisoft 3GP Video Converter 6-->C:\Program Files\Xilisoft\3GP Video Converter 6\Uninstall.exe
Xilisoft DVD Creator-->C:\Program Files\Xilisoft\DVD Creator3\Uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\windows\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XviD MPEG4 Video Codec (remove only)-->"C:\Program Files\XviD\xvid-uninstall.exe"
======Security center information======
AV: ESET Smart Security 4.0
FW: ESET personal firewall
======System event log======
Computer Name: HELLRISE666
Event Code: 36
Message: Služba Systémový čas nemohla synchronizovat systémový čas
o 49152 sekund, protože žádný ze zprostředkovatelů časových údajů neposkytnul použitelné časové razítko. Systémové hodiny nejsou synchronizovány.
Record Number: 14096
Source Name: W32Time
Time Written: 20101222082502.000000+060
Event Type: warning
User:
Computer Name: HELLRISE666
Event Code: 31008
Message: Agentu serveru proxy služby DNS se nepodařilo načíst místní seznam serverů pro překlad
adres IP z registru.
Uvedený údaj je kód chyby.
Record Number: 14095
Source Name: ipnathlp
Time Written: 20101222054533.000000+060
Event Type: error
User:
Computer Name: HELLRISE666
Event Code: 31008
Message: Agentu serveru proxy služby DNS se nepodařilo načíst místní seznam serverů pro překlad
adres IP z registru.
Uvedený údaj je kód chyby.
Record Number: 14094
Source Name: ipnathlp
Time Written: 20101222034533.000000+060
Event Type: error
User:
Computer Name: HELLRISE666
Event Code: 4226
Message: Došlo k překročení limitu možného počtu souběžných připojení protokolem TCP.
Record Number: 14093
Source Name: Tcpip
Time Written: 20101221195259.000000+060
Event Type: warning
User:
Computer Name: HELLRISE666
Event Code: 7023
Message: Služba HID Input Service byla ukončena s následující chybou:
Uvedený modul nebyl nalezen.
Record Number: 14091
Source Name: Service Control Manager
Time Written: 20101221184550.000000+060
Event Type: error
User:
=====Application event log=====
Computer Name: HELLRISE666
Event Code: 20
Message:
Record Number: 13409
Source Name: Google Update
Time Written: 20100605090805.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM
Computer Name: HELLRISE666
Event Code: 20
Message:
Record Number: 13402
Source Name: Google Update
Time Written: 20100605020805.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM
Computer Name: HELLRISE666
Event Code: 20
Message:
Record Number: 13401
Source Name: Google Update
Time Written: 20100605010805.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM
Computer Name: HELLRISE666
Event Code: 20
Message:
Record Number: 13400
Source Name: Google Update
Time Written: 20100605000805.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM
Computer Name: HELLRISE666
Event Code: 20
Message:
Record Number: 13392
Source Name: Google Update
Time Written: 20100604190805.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\OrCAD\OrCAD_10.0_Demo\tools\specctra\bin;C:\OrCAD\OrCAD_10.0_Demo\tools\PSpice\Library;C:\OrCAD\OrCAD_10.0_Demo\tools\bin;C:\OrCAD\OrCAD_10.0_Demo\tools\fet\bin;C:\OrCAD\OrCAD_10.0_Demo\tools\Capture;C:\Program Files\Common Files\DivX Shared
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"KMP_DUPLICATE_LIB_OK"=TRUE
"MKL_SERIAL"=YES
-----------------EOF-----------------
CKScanner:
CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\hellriser\dokumenty\obrázky\controlcenter2\abbyy.finereader.professional.v8.0.0.706.incl.keymaker-core\keygen.exe
c:\documents and settings\hellriser\dokumenty\obrázky\controlcenter2\zwt\keygen.exe
c:\program files\bve4\railway\object\bakerloo\crackl.csv
c:\program files\bve4\railway\object\bakerloo\crackr.csv
c:\program files\bve4\railway\object\bakerloo\grasscrackl.csv
c:\program files\bve4\railway\object\bakerloo\grasscrackr.csv
c:\program files\bve4\railway\object\firstbrnotrack\track\crackl.csv
c:\program files\bve4\railway\object\firstbrnotrack\track\crackr.csv
c:\program files\bve4\railway\object\sanbie\sfondi\crack1l.csv
c:\program files\bve4\railway\object\tgv\tracks\track1crackl.b3d
c:\program files\bve4\railway\object\tgv\tracks\track1crackr.b3d
c:\program files\bve4\railway\object\tgv\tracks\track2crackl.b3d
c:\program files\bve4\railway\object\tgv\tracks\track2crackr.b3d
c:\program files\bve4\railway\object\tgv\walls\crack_grey_l.b3d
c:\program files\bve4\railway\object\tgv\walls\crack_grey_r.b3d
c:\program files\bve4\railway\object\tgv\walls\crack_l.b3d
c:\program files\bve4\railway\object\tgv\walls\crack_r.b3d
c:\program files\corel\corel graphics 11\custom data\bumpmap\cracks.cpt
c:\program files\corel\corel graphics 11\custom data\canvas\cracks2c.pcx
c:\program files\corel\corel graphics 11\custom data\tiles\cracks2m.cpt
c:\program files\image-line\fl studio 7\crack.exe
c:\programs\adobe.audition.v3.winall.cracked-nope\file_id.diz
c:\programs\adobe.audition.v3.winall.cracked-nope\nope.nfo
c:\programs\adobe.audition.v3.winall.cracked-nope\setup\audition3_efgjsi_trial.exe
c:\programs\nero8crack\crack\nero8crack.exe
c:\programs\nero8crack\crack\steps to activate nero 8.3.2.1.txt
scanner sequence 3.ZZ.11.JEAPBF
----- EOF -----
WVCheck:
Windows Validation Check
Version: 1.9.12.5
Log Created On: 1649_26-12-2011
-----------------------
Windows Information
-----------------------
Windows Version: Windows XP Service Pack 2
Windows Mode: Normal
Systemroot Path: C:\windows
WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Do not download or install updates automatically.
-----------------------
Last success time for Automatic Updates for 'Detect', 'Download' and 'Install' could not be found.
WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------
WVCheck's File Dump
-----------------------
WVCheck found no known bad files.
WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.
WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.
WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.
WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - 1b4ccc59980da34e75f20e42b283b027
-------- End of File, program close at 1649_26-12-2011 --------
======Uninstall list======
DSound Simple Audio Pack 1 v2.4 - OxYGeN -->C:\Audio\SIMPLE~1\UNWISE.EXE C:\Audio\SIMPLE~1\INSTALL.LOG
-->"C:\Program Files\WildGames\John Deere Drive Green\Uninstall.exe"
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {3C3813E1-C370-4F32-9639-8B43C7C780CD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040E-0000-0000000FF1CE} /uninstall {685D17E5-D868-4A77-B58E-255DEBA78262}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {F67648A4-713E-4298-BBAD-A83D8283B0F3}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-041B-0000-0000000FF1CE} /uninstall {FE295FA2-72FC-4859-85B3-0E6685DB13A4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-041B-0000-0000000FF1CE} /uninstall {B1A00287-698E-48D0-8C8F-A3387C2B8C45}
7-Zip 9.20-->"C:\Program Files\7-Zip\Uninstall.exe"
ABBYY FineReader 8.0 Professional Edition-->MsiExec.exe /I{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}
ACDSee Pro-->MsiExec.exe /I{F99F74B4-972B-4B06-B893-6B3B0DB0128B}
Active@ Partition Manager-->"C:\Program Files\InstallShield Installation Information\{A98E3354-AD08-427C-A0AC-32221A3E6598}\setup.exe" -runfromtemp -l0x0009 -removeonly
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Audition 3.0-->msiexec /I {53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}
Adobe Flash Player 10 ActiveX-->C:\windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Shockwave Player 11.5-->"C:\windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Agere Systems HDA Modem-->agrsmdel
Aln Valley for BVE 4-->C:\Program Files\bve4\Uninstal.exe
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Auto Gordian Knot 2.55-->C:\Program Files\AutoGK\uninst.exe
AutoCAD 2007 - Český-->MsiExec.exe /I{5783F2D7-5001-0405-0002-0060B0CE6BBA}
Autodesk DWF Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove /q0
AveoCap-->C:\Program Files\InstallShield Installation Information\{5B73A65F-746A-4D50-B694-BA6A8DF6BC76}\setup.exe -runfromtemp -l0x0009 -removeonly
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
BS.Player PRO-->"C:\Program Files\Webteh\BSplayerPro\uninstall.exe"
BSPlayer-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
BVE 4-->MsiExec.exe /I{E52382DC-2E7A-439D-8ECE-A27D8B816645}
BVE Uchibo Line-->MsiExec.exe /I{9BD8D527-A96C-46DB-B076-48D34189B372}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDex extraction audio-->"C:\Program Files\CDex_170b2\uninstall.exe"
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
CompuApps SwissKnife V3-->C:\WINDOWS\ISUNINST.EXE -fC:\SWISNIFE\SKUninst.ISU -cC:\SWISNIFE\SKUNINST.DLL
CorelDRAW Graphics Suite 11-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{07A540AB-D785-11D5-8E89-0090275862A0}
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
DDR - Pen Drive Recovery (DEMO) 4.0.1.6-->C:\windows\UnDeploy.exe "C:\Program Files\DDR - Pen Drive Recovery (DEMO)\Deploy.log"
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Doplnok Microsoft Save as PDF or XPS pre programy balíka 2007 Microsoft Office-->MsiExec.exe /X{90120000-00B2-041B-0000-0000000FF1CE}
DSound Promo (AW1)-->C:\windows\IsUninst.exe -f"C:\Program Files\DSound\Promo\Uninst.isu"
DSound Stomp'n FX Vol.2 v1.0-->C:\Audio\STOMPN~1\UNWISE.EXE C:\Audio\STOMPN~1\INSTALL.LOG
Emagic EVP73 VSTi v1.0-->C:\PROGRA~1\STEINB~1\VSTPLU~1\emagic\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\emagic\INSTALL.LOG
EZdrummer-->MsiExec.exe /I{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}
EZXDfh-->MsiExec.exe /I{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}
FL Studio 7-->C:\Program Files\Image-Line\FL Studio 7\uninstall.exe
Fraps-->"C:\Fraps\uninstall.exe"
Free 3GP Video Converter version 3.7.18-->"C:\Program Files\DVDVideoSoft\Free 3GP Video Converter\unins000.exe"
Free Sound Recorder v6.7-->"C:\Program Files\Free Sound Recorder\unins000.exe"
Free Video to MP3 Converter version 3.2-->"C:\Program Files\DVDVideoSoft\Free Video to MP3 Converter\unins000.exe"
Freelancer-->"E:\hry\Freelancer\UNINSTAL.EXE" /runtemp /addremove
FreeOCR.net v2.1-->"C:\Program Files\FreeOCRnet\unins000.exe"
Freeware HTI PDF Creator 4.0-->"C:\Program Files\InstallShield Installation Information\{BEAB106B-2569-451F-974A-47ED3BEBC816}\setup.exe" -runfromtemp -l0x0409 -removeonly
Freeware HTI PDF Creator 4.0-->MsiExec.exe /I{BEAB106B-2569-451F-974A-47ED3BEBC816}
Google Earth Plug-in-->MsiExec.exe /X{171E6C1E-B5FC-11DF-B115-005056C00008}
Google Earth Pro-->MsiExec.exe /X{9578C0CD-8108-4379-9026-4601F59859A0}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe"
HD Tune 2.55-->"C:\Program Files\HD Tune\unins000.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXP$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HI-TECH C51-lite V9.60PL0-->"C:\Program Files\HI-TECH Software\HC51\lite\9.60\resources\setup.exe"
HI-TECH PICC lite V9.60PL0-->"C:\Program Files\HI-TECH Software\PICC\lite\9.60\resources\setup.exe"
Hitman: Contracts-->E:\Hry\HITMAN~2\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
HP USB Disk Storage Format Tool-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}\Setup.exe" -l0x9 anything
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Interlok driver setup x32-->MsiExec.exe /X{25613C10-27D2-410B-942B-D922D5C3A7BE}
Internet Explorer-->MsiExec.exe /I{8A3F7D5D-8A53-4A7C-B6DA-22DD1212EB55}
inTone Guitar Demo 1.1.3-->"C:\Program Files\Audiffex\inTone Guitar Demo\unins000.exe"
Java 2 Runtime Environment, SE v1.4.2_19-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142190}
Java 2 SDK, SE v1.4.2_19-->MsiExec.exe /I{35A3A4F4-B792-11D6-A78A-00B0D0142190}
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K-Lite Mega Codec Pack 5.1.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Last.fm 1.5.4.27091-->"C:\Program Files\Last.fm\unins000.exe"
Macromedia Flash Player 8-->RunDll32 advpack.dll,LaunchINFSection C:\windows\INF\swflash.inf,DefaultUninstall,5
Marsu-Fix 2.5-->"C:\windows\Marsu-Fix 2.5 Uninstaller.exe"
MediaShow-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe" -uninstall
Mercury 1-->C:\PROGRA~1\TCWorks\Mercury\UNWISE.EXE C:\PROGRA~1\TCWorks\Mercury\INSTALL.LOG
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack - CSY-->C:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - CSY\install.exe
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->C:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Access MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0015-041B-0000-0000000FF1CE}
Space Synthesizer 1.2b-->"C:\Program Files\SpaceSynthesizer\uninst\unins000.exe"
Splash Beta-->MsiExec.exe /I{C941EC7F-1D8A-48B6-951C-FD5BE031B876}
Steinberg Cubase SX 1.01-->C:\PROGRA~1\STEINB~1\CUBASE~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\INSTALL.LOG
Steinberg VoiceMachine v1.0-->C:\PROGRA~1\STEINB~1\VSTPLU~1\STEINB~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\STEINB~1\INSTALL.LOG
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Control Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe" -l0x9 -removeonly
The Plan-->"E:\hry\The Plan\unins000.exe"
Theme Creator Pro 3.1.260 SR-1-->"C:\Program Files\SESoftware\Theme Creator Pro 3G\unins000.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Unlocker 1.9.0-->C:\Program Files\Unlocker\uninst.exe
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VCD Menu Lite 2.00-->"C:\Program Files\Briggs Softworks\VCD Menu Lite\unins000.exe"
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VDownloader 3.0.712-->"C:\Program Files\VDownloader\unins000.exe"
Versal FileDownload ActiveX Control Trial Version-->C:\Program Files\Universal\UFileDownloadD\USetup.exe
VirtualBus A6C RC3-->"E:\hry\VirtualBus\unins000.exe"
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"
Vuze_Remote Toolbar-->C:\PROGRA~1\VUZE_R~1\UNWISE.EXE /U C:\PROGRA~1\VUZE_R~1\INSTALL.LOG
Vuze-->C:\Program Files\Vuze\uninstall.exe
Waldorf.PPG.Wave2.V-OxYGeN-->C:\Audio\Waldorf\UNWISE.EXE C:\Audio\Waldorf\INSTALL.LOG
Warp VST V1.0-->C:\PROGRA~1\STEINB~1\VSTPLU~1\WARPVS~1.0\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\WARPVS~1.0\INSTALL.LOG
WildTangent Games-->"C:\Program Files\WildGames\Uninstall.exe"
Winamp Toolbar for Firefox-->"\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"
Winamp Toolbar for Internet Explorer-->"C:\Program Files\Winamp Toolbar\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
WinDjView 1.0.3-->C:\Program Files\WinDjView\uninstall.exe
Windows Imaging Component-->"C:\windows\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\windows\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinPcap 4.1.1-->"C:\Program Files\WinPcap\uninstall.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
World of Subways Vol.1-->C:\Program Files\InstallShield Installation Information\{891570B1-75CB-4281-8A00-742274F44973}\Setup.exe -runfromtemp -l0x0009 -removeonly
Xilisoft 3GP Video Converter 6-->C:\Program Files\Xilisoft\3GP Video Converter 6\Uninstall.exe
Xilisoft DVD Creator-->C:\Program Files\Xilisoft\DVD Creator3\Uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\windows\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XviD MPEG4 Video Codec (remove only)-->"C:\Program Files\XviD\xvid-uninstall.exe"
======Security center information======
AV: ESET Smart Security 4.0
FW: ESET personal firewall
======System event log======
Computer Name: HELLRISE666
Event Code: 36
Message: Služba Systémový čas nemohla synchronizovat systémový čas
o 49152 sekund, protože žádný ze zprostředkovatelů časových údajů neposkytnul použitelné časové razítko. Systémové hodiny nejsou synchronizovány.
Record Number: 14096
Source Name: W32Time
Time Written: 20101222082502.000000+060
Event Type: warning
User:
Computer Name: HELLRISE666
Event Code: 31008
Message: Agentu serveru proxy služby DNS se nepodařilo načíst místní seznam serverů pro překlad
adres IP z registru.
Uvedený údaj je kód chyby.
Record Number: 14095
Source Name: ipnathlp
Time Written: 20101222054533.000000+060
Event Type: error
User:
Computer Name: HELLRISE666
Event Code: 31008
Message: Agentu serveru proxy služby DNS se nepodařilo načíst místní seznam serverů pro překlad
adres IP z registru.
Uvedený údaj je kód chyby.
Record Number: 14094
Source Name: ipnathlp
Time Written: 20101222034533.000000+060
Event Type: error
User:
Computer Name: HELLRISE666
Event Code: 4226
Message: Došlo k překročení limitu možného počtu souběžných připojení protokolem TCP.
Record Number: 14093
Source Name: Tcpip
Time Written: 20101221195259.000000+060
Event Type: warning
User:
Computer Name: HELLRISE666
Event Code: 7023
Message: Služba HID Input Service byla ukončena s následující chybou:
Uvedený modul nebyl nalezen.
Record Number: 14091
Source Name: Service Control Manager
Time Written: 20101221184550.000000+060
Event Type: error
User:
=====Application event log=====
Computer Name: HELLRISE666
Event Code: 20
Message:
Record Number: 13409
Source Name: Google Update
Time Written: 20100605090805.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM
Computer Name: HELLRISE666
Event Code: 20
Message:
Record Number: 13402
Source Name: Google Update
Time Written: 20100605020805.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM
Computer Name: HELLRISE666
Event Code: 20
Message:
Record Number: 13401
Source Name: Google Update
Time Written: 20100605010805.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM
Computer Name: HELLRISE666
Event Code: 20
Message:
Record Number: 13400
Source Name: Google Update
Time Written: 20100605000805.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM
Computer Name: HELLRISE666
Event Code: 20
Message:
Record Number: 13392
Source Name: Google Update
Time Written: 20100604190805.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\OrCAD\OrCAD_10.0_Demo\tools\specctra\bin;C:\OrCAD\OrCAD_10.0_Demo\tools\PSpice\Library;C:\OrCAD\OrCAD_10.0_Demo\tools\bin;C:\OrCAD\OrCAD_10.0_Demo\tools\fet\bin;C:\OrCAD\OrCAD_10.0_Demo\tools\Capture;C:\Program Files\Common Files\DivX Shared
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"KMP_DUPLICATE_LIB_OK"=TRUE
"MKL_SERIAL"=YES
-----------------EOF-----------------
CKScanner:
CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\hellriser\dokumenty\obrázky\controlcenter2\abbyy.finereader.professional.v8.0.0.706.incl.keymaker-core\keygen.exe
c:\documents and settings\hellriser\dokumenty\obrázky\controlcenter2\zwt\keygen.exe
c:\program files\bve4\railway\object\bakerloo\crackl.csv
c:\program files\bve4\railway\object\bakerloo\crackr.csv
c:\program files\bve4\railway\object\bakerloo\grasscrackl.csv
c:\program files\bve4\railway\object\bakerloo\grasscrackr.csv
c:\program files\bve4\railway\object\firstbrnotrack\track\crackl.csv
c:\program files\bve4\railway\object\firstbrnotrack\track\crackr.csv
c:\program files\bve4\railway\object\sanbie\sfondi\crack1l.csv
c:\program files\bve4\railway\object\tgv\tracks\track1crackl.b3d
c:\program files\bve4\railway\object\tgv\tracks\track1crackr.b3d
c:\program files\bve4\railway\object\tgv\tracks\track2crackl.b3d
c:\program files\bve4\railway\object\tgv\tracks\track2crackr.b3d
c:\program files\bve4\railway\object\tgv\walls\crack_grey_l.b3d
c:\program files\bve4\railway\object\tgv\walls\crack_grey_r.b3d
c:\program files\bve4\railway\object\tgv\walls\crack_l.b3d
c:\program files\bve4\railway\object\tgv\walls\crack_r.b3d
c:\program files\corel\corel graphics 11\custom data\bumpmap\cracks.cpt
c:\program files\corel\corel graphics 11\custom data\canvas\cracks2c.pcx
c:\program files\corel\corel graphics 11\custom data\tiles\cracks2m.cpt
c:\program files\image-line\fl studio 7\crack.exe
c:\programs\adobe.audition.v3.winall.cracked-nope\file_id.diz
c:\programs\adobe.audition.v3.winall.cracked-nope\nope.nfo
c:\programs\adobe.audition.v3.winall.cracked-nope\setup\audition3_efgjsi_trial.exe
c:\programs\nero8crack\crack\nero8crack.exe
c:\programs\nero8crack\crack\steps to activate nero 8.3.2.1.txt
scanner sequence 3.ZZ.11.JEAPBF
----- EOF -----
WVCheck:
Windows Validation Check
Version: 1.9.12.5
Log Created On: 1649_26-12-2011
-----------------------
Windows Information
-----------------------
Windows Version: Windows XP Service Pack 2
Windows Mode: Normal
Systemroot Path: C:\windows
WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Do not download or install updates automatically.
-----------------------
Last success time for Automatic Updates for 'Detect', 'Download' and 'Install' could not be found.
WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------
WVCheck's File Dump
-----------------------
WVCheck found no known bad files.
WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.
WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.
WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.
WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - 1b4ccc59980da34e75f20e42b283b027
-------- End of File, program close at 1649_26-12-2011 --------
Re: Requesting a check
For what reason are you not downloading automatic updates for the system?

Re: Requesting a check
Everything is OK now, SP3 is installed.
Re: Requesting a check
And for what reason was it not installed before, and why were updates being declined as well?
Please post a new RSIT log.
Re: Requesting a check
Because updates were turned off.
Logfile of random's system information tool 1.09 (written by random/random)
Run by HellRiser at 2011-12-27 16:44:53
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 931 MB (2%) free of 38 GB
Total RAM: 3071 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:45:08, on 27.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mouse Driver\KMWDSrv.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\Program Files\System Control Manager\edd.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\windows\Explorer.EXE
C:\windows\system32\nvsvc32.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\windows\system32\PnkBstrA.exe
C:\windows\System32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\windows\system32\wscntfy.exe
C:\windows\System32\svchost.exe
C:\windows\RTHDCPL.EXE
C:\windows\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\AVEO\AveoCap\AveoSTI.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\UnlockerAssistant.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\HellRiser\Plocha\RSIT.exe
C:\Program Files\Trend Micro\HellRiser.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz2.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [AveoSTI.exe] C:\Program Files\AVEO\AveoCap\AveoSTI.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download by VersalSoft Internet Download - C:\Program Files\VersalSoft\InternetDownload\adddownload.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify: cryptnet32 - cryptnet32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 13041 bytes
======Scheduled tasks folder======
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\HellRiser\Data aplikací\Mozilla\Firefox\Profiles\e5uo4imy.default
prefs.js - "browser.startup.homepage" - "http://www.facebook.com/?ref=home"
prefs.js - "extensions.enabledItems" - "jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2008-10-28 503808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4322A444-92F8-4C3E-BD4C-013BA51E2871}]
E-Zsoft VideoDownloaderToolBar - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll [2009-01-05 43008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuz2.dll [2010-10-18 3908192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2008-10-28 503808]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]
{4322A444-92F8-4C3E-BD4C-013BA51E2871} - E-Zsoft VideoDownloaderToolBar - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll [2009-01-05 43008]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuz2.dll [2010-10-18 3908192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-20 8462336]
"nwiz"=nwiz.exe /install []
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2007-10-16 16855552]
"AGRSMMSG"=C:\windows\AGRSMMSG.exe [2006-06-29 89541]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-09-15 815104]
"MGSysCtrl"=C:\Program Files\System Control Manager\MGSysCtrl.exe [2007-10-19 180224]
"AveoSTI.exe"=C:\Program Files\AVEO\AveoCap\AveoSTI.exe [2007-11-06 24576]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-01-20 217088]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2029640]
"KMCONFIG"=C:\Program Files\Mouse Driver\StartAutorun.exe [2007-03-06 212992]
"UnlockerAssistant"=C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\UnlockerAssistant.exe [2010-07-04 17408]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2011-01-22 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InternetDownload_upgrade]
C:\Program Files\VersalSoft\InternetDownload\InternetDownload.exe [2009-01-05 361472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet32]
cryptnet32.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-08-24 133120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\CyberLink\PowerDirector Express\PDX.exe"="C:\Program Files\CyberLink\PowerDirector Express\PDX.exe:*:Enabled:CyberLink PowerDirector Express"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Java\jre1.6.0_07\launch4j-tmp\JDownloader.exe"="C:\Program Files\Java\jre1.6.0_07\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\dc++\StrongDC.exe"="E:\dc++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe"="C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Hry\NHL08\nhl2008.exe"="E:\Hry\NHL08\nhl2008.exe:*:Enabled:nhl2008"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"E:\Hry\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe"="E:\Hry\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Landwirtschafts Simulator 2011"
"E:\Hry\Landwirtschafts Simulator 2011\game.exe"="E:\Hry\Landwirtschafts Simulator 2011\game.exe:*:Enabled:Landwirtschafts Simulator 2011"
"E:\Hry\Farming Simulator 2011\FarmingSimulator2011.exe"="E:\Hry\Farming Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Farming Simulator 2011"
"E:\Hry\Farming Simulator 2011\game.exe"="E:\Hry\Farming Simulator 2011\game.exe:*:Enabled:Farming Simulator 2011"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\windows\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"vidc.iv41"=ir41_32.ax
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"vidc.XVID"=xvidvfw.dll
"SENTINEL"=snti386.dll
"msacm.vorbis"=vorbis.acm
"VIDC.DIVX"=divx.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\windows\system32\vp6vfw.dll
"vidc.VP61"=C:\windows\system32\vp6vfw.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.scr - open - "C:\windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2011-12-26 19:00:19 ----A---- C:\windows\OEWABLog.txt
2011-12-26 18:58:40 ----D---- C:\windows\Prefetch
2011-12-26 18:49:03 ----A---- C:\windows\setuplog.txt
2011-12-26 18:48:14 ----N---- C:\windows\system32\smtpapi.dll
2011-12-26 18:48:14 ----N---- C:\windows\system32\rwnh.dll
2011-12-26 18:48:12 ----N---- C:\windows\system32\aaclient.dll
2011-12-26 18:48:11 ----N---- C:\windows\system32\bitsprx4.dll
2011-12-26 18:48:11 ----N---- C:\windows\system32\azroles.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3ui.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3svc.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3msm.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3gpclnt.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3dlg.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3cfg.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3api.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dimsroam.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dimsntfy.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dhcpqec.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\credssp.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eapsvc.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eapqec.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eappprxy.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eapphost.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eappgnui.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eappcfg.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eapp3hst.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eapolqec.dll
2011-12-26 18:48:08 ----N---- C:\windows\system32\kbdbhc.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\mmcfxcommon.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\mmcex.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\microsoft.managementconsole.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\l2gpstore.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\kmsvc.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\kbdpash.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\kbdnepr.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\kbdiultn.dll
2011-12-26 18:48:06 ----N---- C:\windows\system32\napstat.exe
2011-12-26 18:48:06 ----N---- C:\windows\system32\napmontr.dll
2011-12-26 18:48:06 ----N---- C:\windows\system32\napipsec.dll
2011-12-26 18:48:06 ----N---- C:\windows\system32\msshavmsg.dll
2011-12-26 18:48:06 ----N---- C:\windows\system32\mssha.dll
2011-12-26 18:48:06 ----N---- C:\windows\system32\mmcperf.exe
2011-12-26 18:48:05 ----N---- C:\windows\system32\rhttpaa.dll
2011-12-26 18:48:05 ----N---- C:\windows\system32\rasqec.dll
2011-12-26 18:48:05 ----N---- C:\windows\system32\qutil.dll
2011-12-26 18:48:05 ----N---- C:\windows\system32\qcliprov.dll
2011-12-26 18:48:05 ----N---- C:\windows\system32\qagentrt.dll
2011-12-26 18:48:05 ----N---- C:\windows\system32\qagent.dll
2011-12-26 18:48:05 ----N---- C:\windows\system32\onex.dll
2011-12-26 18:48:04 ----N---- C:\windows\system32\setupn.exe
2011-12-26 18:48:03 ----N---- C:\windows\system32\xpsp3res.dll
2011-12-26 18:48:03 ----N---- C:\windows\system32\verclsid.exe
2011-12-26 18:48:03 ----N---- C:\windows\system32\tzchange.exe
2011-12-26 18:48:03 ----N---- C:\windows\system32\tspkg.dll
2011-12-26 18:48:03 ----N---- C:\windows\system32\tsgqec.dll
2011-12-26 18:48:02 ----N---- C:\windows\system32\wlanapi.dll
2011-12-26 18:48:00 ----N---- C:\windows\system32\xmllite.dll
2011-12-26 18:47:58 ----D---- C:\windows\system32\cs
2011-12-26 18:47:58 ----D---- C:\windows\l2schemas
2011-12-26 18:47:57 ----D---- C:\windows\system32\bits
2011-12-26 18:42:56 ----D---- C:\windows\network diagnostic
2011-12-26 18:42:53 ----N---- C:\windows\system32\drivers\sffp_mmc.sys
2011-12-26 18:41:37 ----A---- C:\windows\003218_.tmp
2011-12-26 18:39:00 ----HDC---- C:\windows\$NtServicePackUninstall$
======List of files/folders modified in the last 1 month======
2011-12-27 16:45:08 ----D---- C:\windows\temp
2011-12-27 16:44:57 ----D---- C:\Program Files\Trend Micro
2011-12-26 19:02:21 ----D---- C:\Documents and Settings\HellRiser\Data aplikací\Skype
2011-12-26 19:00:36 ----D---- C:\windows\system32
2011-12-26 19:00:34 ----HD---- C:\windows\inf
2011-12-26 19:00:31 ----SHD---- C:\windows\Installer
2011-12-26 19:00:19 ----D---- C:\WINDOWS
2011-12-26 18:59:55 ----D---- C:\windows\Debug
2011-12-26 18:59:26 ----D---- C:\windows\system32\CatRoot2
2011-12-26 18:58:00 ----D---- C:\windows\system32\wbem
2011-12-26 18:58:00 ----D---- C:\windows\system32\Setup
2011-12-26 18:58:00 ----D---- C:\windows\AppPatch
2011-12-26 18:57:59 ----RSD---- C:\windows\Fonts
2011-12-26 18:57:54 ----D---- C:\windows\system32\drivers
2011-12-26 18:56:55 ----A---- C:\windows\SchedLgU.Txt
2011-12-26 18:51:52 ----D---- C:\windows\security
2011-12-26 18:51:32 ----D---- C:\windows\system32\CatRoot
2011-12-26 18:48:32 ----D---- C:\windows\WinSxS
2011-12-26 18:48:27 ----D---- C:\Program Files\Messenger
2011-12-26 18:48:24 ----RSHDC---- C:\windows\system32\dllcache
2011-12-26 18:48:24 ----D---- C:\Program Files\Windows Media Player
2011-12-26 18:48:21 ----D---- C:\windows\Help
2011-12-26 18:48:16 ----D---- C:\windows\EHome
2011-12-26 18:48:14 ----D---- C:\windows\system32\inetsrv
2011-12-26 18:48:13 ----D---- C:\windows\ime
2011-12-26 18:48:00 ----D---- C:\windows\system32\usmt
2011-12-26 18:48:00 ----D---- C:\windows\system32\cs-CZ
2011-12-26 18:47:59 ----D---- C:\Program Files\Internet Explorer
2011-12-26 18:47:57 ----D---- C:\windows\peernet
2011-12-26 18:47:57 ----D---- C:\Program Files\Movie Maker
2011-12-26 18:44:54 ----D---- C:\windows\system32\Restore
2011-12-26 18:44:54 ----D---- C:\windows\system32\npp
2011-12-26 18:44:53 ----D---- C:\windows\msagent
2011-12-26 18:44:51 ----D---- C:\windows\srchasst
2011-12-26 18:44:51 ----D---- C:\Program Files\NetMeeting
2011-12-26 18:44:50 ----D---- C:\windows\system32\Com
2011-12-26 18:44:46 ----D---- C:\Program Files\Windows NT
2011-12-26 18:44:45 ----D---- C:\Program Files\Outlook Express
2011-12-26 18:44:42 ----D---- C:\Program Files\Common Files\System
2011-12-26 18:44:26 ----D---- C:\windows\system32\oobe
2011-12-26 18:44:25 ----D---- C:\windows\system
2011-12-26 18:28:41 ----A---- C:\windows\wincmd.ini
2011-12-24 11:54:57 ----D---- C:\Program Files\Mozilla Firefox
2011-12-10 16:04:37 ----D---- C:\Program Files\Opera
2011-12-06 21:41:29 ----RD---- C:\Program Files\Skype
2011-12-06 21:41:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 O2SDRDR;O2SDRDR; C:\windows\system32\DRIVERS\o2sd.sys [2007-04-02 35712]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\windows\System32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\windows\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfhlp01;StarForce Protection Helper Driver; C:\windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sonyhcb;Sony Digital Imaging Base; C:\windows\system32\DRIVERS\sonyhcb.sys [2001-11-05 6097]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2008-09-18 717296]
R0 TPkd;TPkd; C:\windows\system32\drivers\TPkd.sys [2008-09-08 93232]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdi;epfwtdi; C:\windows\system32\DRIVERS\epfwtdi.sys [2009-05-14 55768]
R1 intelppm;Řadič procesoru Intel; C:\windows\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2008-01-20 33292]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\windows\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 acedrv11;acedrv11; \??\C:\windows\system32\drivers\acedrv11.sys []
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2008-09-25 279712]
R2 cvintdrv;cvintdrv; C:\windows\system32\drivers\cvintdrv.sys [2006-07-27 4096]
R2 eamon;eamon; C:\windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2008-09-25 25888]
R2 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 SBKUPNT;SBKUPNT; \??\C:\windows\system32\Drivers\SBKUPNT.SYS []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\System32\DRIVERS\AGRSM.sys [2006-06-29 1160320]
R3 Arp1394;Protokol 1394 ARP Client; C:\windows\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 Epfwndis;Eset Personal Firewall; C:\windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\windows\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\windows\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2007-10-16 4615168]
R3 KMWDFilter;KMWDFilter; \??\C:\windows\System32\Drivers\KMWDFilter.SYS []
R3 MGHwCtrl;MGHwCtrl; \??\C:\WINDOWS\System32\drivers\MGHwCtrl.sys []
R3 mouhid;Ovladač myši standardu HID; C:\windows\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\windows\system32\DRIVERS\NETw4x32.sys [2007-06-20 2208512]
R3 NIC1394;1394 Net Driver; C:\windows\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\windows\System32\DRIVERS\nv4_mini.sys [2007-06-20 6804416]
R3 pfc;Padus ASPI Shell; C:\windows\system32\drivers\pfc.sys [2008-09-18 10368]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\windows\System32\DRIVERS\Rtenicxp.sys [2007-09-19 101504]
R3 sdbus;sdbus; C:\windows\System32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\System32\DRIVERS\SynTP.sys [2006-09-15 199104]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S0 O2MDRDR;O2MDRDR; C:\windows\system32\DRIVERS\o2media.sys [2007-04-03 39680]
S2 Sentinel;Sentinel; C:\windows\System32\Drivers\SENTINEL.SYS [2008-02-21 64512]
S3 ati6ru20;ati6ru20; C:\windows\system32\drivers\ati6ru20.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\windows\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
S3 CCDECODE;Dekodér Closed Caption; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2007-05-26 100992]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PortTalk;PortTalk; C:\windows\System32\Drivers\PortTalk.sys [2002-01-12 3567]
S3 pwdrvio;pwdrvio; \??\C:\windows\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\windows\system32\pwdspio.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\windows\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\windows\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 SliceDisk5;SliceDisk5; \??\C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\FindAndMount\slicedisk.sys []
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 sonyhcs;Sony Digital Imaging Video; C:\windows\system32\DRIVERS\sonyhcs.sys [2001-11-05 299923]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\windows\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2006-11-30 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2006-10-05 73600]
S3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2006-11-22 53504]
S3 tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2006-10-27 40960]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\windows\system32\DRIVERS\w29n51.sys [2007-04-04 2210048]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-05-14 731840]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Mouse Driver\KMWDSrv.exe [2007-04-05 208896]
R2 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\system32\lkcitdl.exe [2006-06-19 688190]
R2 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\system32\lkads.exe [2006-07-25 45056]
R2 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\system32\lktsrv.exe [2006-07-25 57344]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2006-07-25 200704]
R2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2006-03-22 40960]
R2 niSvcLoc;NI Service Locator; C:\WINDOWS\system32\nisvcloc.exe [2006-02-06 49152]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2007-06-20 155716]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2010-04-13 66872]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 77824]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-02 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-07-26 72704]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-02-16 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-02 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NILM License Manager;NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2006-06-27 1007616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-01-27 117264]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by HellRiser at 2011-12-27 16:44:53
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 931 MB (2%) free of 38 GB
Total RAM: 3071 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:45:08, on 27.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mouse Driver\KMWDSrv.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\Program Files\System Control Manager\edd.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\windows\Explorer.EXE
C:\windows\system32\nvsvc32.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\windows\system32\PnkBstrA.exe
C:\windows\System32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\windows\system32\wscntfy.exe
C:\windows\System32\svchost.exe
C:\windows\RTHDCPL.EXE
C:\windows\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\AVEO\AveoCap\AveoSTI.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\UnlockerAssistant.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\HellRiser\Plocha\RSIT.exe
C:\Program Files\Trend Micro\HellRiser.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz2.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [AveoSTI.exe] C:\Program Files\AVEO\AveoCap\AveoSTI.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download by VersalSoft Internet Download - C:\Program Files\VersalSoft\InternetDownload\adddownload.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify: cryptnet32 - cryptnet32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 13041 bytes
======Scheduled tasks folder======
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\HellRiser\Data aplikací\Mozilla\Firefox\Profiles\e5uo4imy.default
prefs.js - "browser.startup.homepage" - "http://www.facebook.com/?ref=home"
prefs.js - "extensions.enabledItems" - "jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2008-10-28 503808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4322A444-92F8-4C3E-BD4C-013BA51E2871}]
E-Zsoft VideoDownloaderToolBar - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll [2009-01-05 43008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuz2.dll [2010-10-18 3908192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2008-10-28 503808]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]
{4322A444-92F8-4C3E-BD4C-013BA51E2871} - E-Zsoft VideoDownloaderToolBar - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll [2009-01-05 43008]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuz2.dll [2010-10-18 3908192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-20 8462336]
"nwiz"=nwiz.exe /install []
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2007-10-16 16855552]
"AGRSMMSG"=C:\windows\AGRSMMSG.exe [2006-06-29 89541]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-09-15 815104]
"MGSysCtrl"=C:\Program Files\System Control Manager\MGSysCtrl.exe [2007-10-19 180224]
"AveoSTI.exe"=C:\Program Files\AVEO\AveoCap\AveoSTI.exe [2007-11-06 24576]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-01-20 217088]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2029640]
"KMCONFIG"=C:\Program Files\Mouse Driver\StartAutorun.exe [2007-03-06 212992]
"UnlockerAssistant"=C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\UnlockerAssistant.exe [2010-07-04 17408]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2011-01-22 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InternetDownload_upgrade]
C:\Program Files\VersalSoft\InternetDownload\InternetDownload.exe [2009-01-05 361472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet32]
cryptnet32.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-08-24 133120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\CyberLink\PowerDirector Express\PDX.exe"="C:\Program Files\CyberLink\PowerDirector Express\PDX.exe:*:Enabled:CyberLink PowerDirector Express"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Java\jre1.6.0_07\launch4j-tmp\JDownloader.exe"="C:\Program Files\Java\jre1.6.0_07\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\dc++\StrongDC.exe"="E:\dc++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe"="C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Hry\NHL08\nhl2008.exe"="E:\Hry\NHL08\nhl2008.exe:*:Enabled:nhl2008"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"E:\Hry\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe"="E:\Hry\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Landwirtschafts Simulator 2011"
"E:\Hry\Landwirtschafts Simulator 2011\game.exe"="E:\Hry\Landwirtschafts Simulator 2011\game.exe:*:Enabled:Landwirtschafts Simulator 2011"
"E:\Hry\Farming Simulator 2011\FarmingSimulator2011.exe"="E:\Hry\Farming Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Farming Simulator 2011"
"E:\Hry\Farming Simulator 2011\game.exe"="E:\Hry\Farming Simulator 2011\game.exe:*:Enabled:Farming Simulator 2011"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\windows\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"vidc.iv41"=ir41_32.ax
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"vidc.XVID"=xvidvfw.dll
"SENTINEL"=snti386.dll
"msacm.vorbis"=vorbis.acm
"VIDC.DIVX"=divx.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\windows\system32\vp6vfw.dll
"vidc.VP61"=C:\windows\system32\vp6vfw.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.scr - open - "C:\windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2011-12-26 19:00:19 ----A---- C:\windows\OEWABLog.txt
2011-12-26 18:58:40 ----D---- C:\windows\Prefetch
2011-12-26 18:49:03 ----A---- C:\windows\setuplog.txt
2011-12-26 18:48:14 ----N---- C:\windows\system32\smtpapi.dll
2011-12-26 18:48:14 ----N---- C:\windows\system32\rwnh.dll
2011-12-26 18:48:12 ----N---- C:\windows\system32\aaclient.dll
2011-12-26 18:48:11 ----N---- C:\windows\system32\bitsprx4.dll
2011-12-26 18:48:11 ----N---- C:\windows\system32\azroles.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3ui.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3svc.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3msm.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3gpclnt.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3dlg.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3cfg.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dot3api.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dimsroam.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dimsntfy.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\dhcpqec.dll
2011-12-26 18:48:10 ----N---- C:\windows\system32\credssp.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eapsvc.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eapqec.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eappprxy.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eapphost.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eappgnui.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eappcfg.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eapp3hst.dll
2011-12-26 18:48:09 ----N---- C:\windows\system32\eapolqec.dll
2011-12-26 18:48:08 ----N---- C:\windows\system32\kbdbhc.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\mmcfxcommon.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\mmcex.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\microsoft.managementconsole.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\l2gpstore.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\kmsvc.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\kbdpash.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\kbdnepr.dll
2011-12-26 18:48:07 ----N---- C:\windows\system32\kbdiultn.dll
2011-12-26 18:48:06 ----N---- C:\windows\system32\napstat.exe
2011-12-26 18:48:06 ----N---- C:\windows\system32\napmontr.dll
2011-12-26 18:48:06 ----N---- C:\windows\system32\napipsec.dll
2011-12-26 18:48:06 ----N---- C:\windows\system32\msshavmsg.dll
2011-12-26 18:48:06 ----N---- C:\windows\system32\mssha.dll
2011-12-26 18:48:06 ----N---- C:\windows\system32\mmcperf.exe
2011-12-26 18:48:05 ----N---- C:\windows\system32\rhttpaa.dll
2011-12-26 18:48:05 ----N---- C:\windows\system32\rasqec.dll
2011-12-26 18:48:05 ----N---- C:\windows\system32\qutil.dll
2011-12-26 18:48:05 ----N---- C:\windows\system32\qcliprov.dll
2011-12-26 18:48:05 ----N---- C:\windows\system32\qagentrt.dll
2011-12-26 18:48:05 ----N---- C:\windows\system32\qagent.dll
2011-12-26 18:48:05 ----N---- C:\windows\system32\onex.dll
2011-12-26 18:48:04 ----N---- C:\windows\system32\setupn.exe
2011-12-26 18:48:03 ----N---- C:\windows\system32\xpsp3res.dll
2011-12-26 18:48:03 ----N---- C:\windows\system32\verclsid.exe
2011-12-26 18:48:03 ----N---- C:\windows\system32\tzchange.exe
2011-12-26 18:48:03 ----N---- C:\windows\system32\tspkg.dll
2011-12-26 18:48:03 ----N---- C:\windows\system32\tsgqec.dll
2011-12-26 18:48:02 ----N---- C:\windows\system32\wlanapi.dll
2011-12-26 18:48:00 ----N---- C:\windows\system32\xmllite.dll
2011-12-26 18:47:58 ----D---- C:\windows\system32\cs
2011-12-26 18:47:58 ----D---- C:\windows\l2schemas
2011-12-26 18:47:57 ----D---- C:\windows\system32\bits
2011-12-26 18:42:56 ----D---- C:\windows\network diagnostic
2011-12-26 18:42:53 ----N---- C:\windows\system32\drivers\sffp_mmc.sys
2011-12-26 18:41:37 ----A---- C:\windows\003218_.tmp
2011-12-26 18:39:00 ----HDC---- C:\windows\$NtServicePackUninstall$
======List of files/folders modified in the last 1 month======
2011-12-27 16:45:08 ----D---- C:\windows\temp
2011-12-27 16:44:57 ----D---- C:\Program Files\Trend Micro
2011-12-26 19:02:21 ----D---- C:\Documents and Settings\HellRiser\Data aplikací\Skype
2011-12-26 19:00:36 ----D---- C:\windows\system32
2011-12-26 19:00:34 ----HD---- C:\windows\inf
2011-12-26 19:00:31 ----SHD---- C:\windows\Installer
2011-12-26 19:00:19 ----D---- C:\WINDOWS
2011-12-26 18:59:55 ----D---- C:\windows\Debug
2011-12-26 18:59:26 ----D---- C:\windows\system32\CatRoot2
2011-12-26 18:58:00 ----D---- C:\windows\system32\wbem
2011-12-26 18:58:00 ----D---- C:\windows\system32\Setup
2011-12-26 18:58:00 ----D---- C:\windows\AppPatch
2011-12-26 18:57:59 ----RSD---- C:\windows\Fonts
2011-12-26 18:57:54 ----D---- C:\windows\system32\drivers
2011-12-26 18:56:55 ----A---- C:\windows\SchedLgU.Txt
2011-12-26 18:51:52 ----D---- C:\windows\security
2011-12-26 18:51:32 ----D---- C:\windows\system32\CatRoot
2011-12-26 18:48:32 ----D---- C:\windows\WinSxS
2011-12-26 18:48:27 ----D---- C:\Program Files\Messenger
2011-12-26 18:48:24 ----RSHDC---- C:\windows\system32\dllcache
2011-12-26 18:48:24 ----D---- C:\Program Files\Windows Media Player
2011-12-26 18:48:21 ----D---- C:\windows\Help
2011-12-26 18:48:16 ----D---- C:\windows\EHome
2011-12-26 18:48:14 ----D---- C:\windows\system32\inetsrv
2011-12-26 18:48:13 ----D---- C:\windows\ime
2011-12-26 18:48:00 ----D---- C:\windows\system32\usmt
2011-12-26 18:48:00 ----D---- C:\windows\system32\cs-CZ
2011-12-26 18:47:59 ----D---- C:\Program Files\Internet Explorer
2011-12-26 18:47:57 ----D---- C:\windows\peernet
2011-12-26 18:47:57 ----D---- C:\Program Files\Movie Maker
2011-12-26 18:44:54 ----D---- C:\windows\system32\Restore
2011-12-26 18:44:54 ----D---- C:\windows\system32\npp
2011-12-26 18:44:53 ----D---- C:\windows\msagent
2011-12-26 18:44:51 ----D---- C:\windows\srchasst
2011-12-26 18:44:51 ----D---- C:\Program Files\NetMeeting
2011-12-26 18:44:50 ----D---- C:\windows\system32\Com
2011-12-26 18:44:46 ----D---- C:\Program Files\Windows NT
2011-12-26 18:44:45 ----D---- C:\Program Files\Outlook Express
2011-12-26 18:44:42 ----D---- C:\Program Files\Common Files\System
2011-12-26 18:44:26 ----D---- C:\windows\system32\oobe
2011-12-26 18:44:25 ----D---- C:\windows\system
2011-12-26 18:28:41 ----A---- C:\windows\wincmd.ini
2011-12-24 11:54:57 ----D---- C:\Program Files\Mozilla Firefox
2011-12-10 16:04:37 ----D---- C:\Program Files\Opera
2011-12-06 21:41:29 ----RD---- C:\Program Files\Skype
2011-12-06 21:41:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 O2SDRDR;O2SDRDR; C:\windows\system32\DRIVERS\o2sd.sys [2007-04-02 35712]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\windows\System32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\windows\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfhlp01;StarForce Protection Helper Driver; C:\windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sonyhcb;Sony Digital Imaging Base; C:\windows\system32\DRIVERS\sonyhcb.sys [2001-11-05 6097]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2008-09-18 717296]
R0 TPkd;TPkd; C:\windows\system32\drivers\TPkd.sys [2008-09-08 93232]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdi;epfwtdi; C:\windows\system32\DRIVERS\epfwtdi.sys [2009-05-14 55768]
R1 intelppm;Řadič procesoru Intel; C:\windows\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2008-01-20 33292]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\windows\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 acedrv11;acedrv11; \??\C:\windows\system32\drivers\acedrv11.sys []
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2008-09-25 279712]
R2 cvintdrv;cvintdrv; C:\windows\system32\drivers\cvintdrv.sys [2006-07-27 4096]
R2 eamon;eamon; C:\windows\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2008-09-25 25888]
R2 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 SBKUPNT;SBKUPNT; \??\C:\windows\system32\Drivers\SBKUPNT.SYS []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\System32\DRIVERS\AGRSM.sys [2006-06-29 1160320]
R3 Arp1394;Protokol 1394 ARP Client; C:\windows\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 Epfwndis;Eset Personal Firewall; C:\windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\windows\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\windows\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2007-10-16 4615168]
R3 KMWDFilter;KMWDFilter; \??\C:\windows\System32\Drivers\KMWDFilter.SYS []
R3 MGHwCtrl;MGHwCtrl; \??\C:\WINDOWS\System32\drivers\MGHwCtrl.sys []
R3 mouhid;Ovladač myši standardu HID; C:\windows\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\windows\system32\DRIVERS\NETw4x32.sys [2007-06-20 2208512]
R3 NIC1394;1394 Net Driver; C:\windows\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\windows\System32\DRIVERS\nv4_mini.sys [2007-06-20 6804416]
R3 pfc;Padus ASPI Shell; C:\windows\system32\drivers\pfc.sys [2008-09-18 10368]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\windows\System32\DRIVERS\Rtenicxp.sys [2007-09-19 101504]
R3 sdbus;sdbus; C:\windows\System32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\System32\DRIVERS\SynTP.sys [2006-09-15 199104]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S0 O2MDRDR;O2MDRDR; C:\windows\system32\DRIVERS\o2media.sys [2007-04-03 39680]
S2 Sentinel;Sentinel; C:\windows\System32\Drivers\SENTINEL.SYS [2008-02-21 64512]
S3 ati6ru20;ati6ru20; C:\windows\system32\drivers\ati6ru20.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\windows\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
S3 CCDECODE;Dekodér Closed Caption; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2007-05-26 100992]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PortTalk;PortTalk; C:\windows\System32\Drivers\PortTalk.sys [2002-01-12 3567]
S3 pwdrvio;pwdrvio; \??\C:\windows\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\windows\system32\pwdspio.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\windows\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\windows\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 SliceDisk5;SliceDisk5; \??\C:\DOCUME~1\HELLRI~1\LOCALS~1\Temp\FindAndMount\slicedisk.sys []
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 sonyhcs;Sony Digital Imaging Video; C:\windows\system32\DRIVERS\sonyhcs.sys [2001-11-05 299923]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\windows\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2006-11-30 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2006-10-05 73600]
S3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2006-11-22 53504]
S3 tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2006-10-27 40960]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\windows\system32\DRIVERS\w29n51.sys [2007-04-04 2210048]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-05-14 731840]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Mouse Driver\KMWDSrv.exe [2007-04-05 208896]
R2 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\system32\lkcitdl.exe [2006-06-19 688190]
R2 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\system32\lkads.exe [2006-07-25 45056]
R2 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\system32\lktsrv.exe [2006-07-25 57344]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2006-07-25 200704]
R2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2006-03-22 40960]
R2 niSvcLoc;NI Service Locator; C:\WINDOWS\system32\nisvcloc.exe [2006-02-06 49152]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2007-06-20 155716]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2010-04-13 66872]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 77824]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-02 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-07-26 72704]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-02-16 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-02 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NILM License Manager;NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2006-06-27 1007616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-01-27 117264]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024]
-----------------EOF-----------------
Re: Request for a check

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE THINGS AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM

- Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
- If you have Win XP, run it under the Spravce\Administrator account
- If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator or Spustit jako spravce
- Right after launch a page with the license agreement appears; continue by clicking Ano (Yes)
- If CF offers to install the Recovery Console, agree
- Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
- The scan should take about 10 minutes, but if the PC is heavily cluttered, it may take longer
- After the scan finishes and a possible restart, CF displays the log, or you can find it at C:\ComboFix.txt; paste its contents here
- A detailed walkthrough incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix
Re: Request for a check
Done
ComboFix 11-12-28.02 - Administrator 28.12.2011 13:05:21.9.2 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.3071.2666 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\HellRiser\WINDOWS
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\256191639A.dll
c:\windows\system32\drivers\str.sys
c:\windows\system32\shimg.dll
c:\windows\system32\tmp3C0.tmp
c:\windows\system32\tmp3C1.tmp
c:\windows\system32\winnt
c:\windows\system32\winnt\atl.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-11-28 to 2011-12-28 )))))))))))))))))))))))))))))))
.
.
2011-12-26 17:47 . 2011-12-26 17:47 -------- d-----w- c:\windows\l2schemas
2011-12-26 17:47 . 2011-12-26 17:47 -------- d-----w- c:\windows\system32\cs
2011-12-26 17:47 . 2011-12-26 17:47 -------- d-----w- c:\windows\system32\bits
2011-12-26 17:45 . 2008-04-14 07:51 33792 -c----w- c:\windows\system32\dllcache\custsat.dll
2011-12-26 17:42 . 2008-04-13 23:10 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2011-12-26 17:41 . 2006-12-28 23:31 19569 ----a-w- c:\windows\003218_.tmp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 06:55 . 2011-11-23 06:55 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2010-01-26 17:11 . 2010-12-27 01:04 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
2006-01-23 09:32 . 2006-01-23 09:32 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2006-06-07 13:40 . 2006-06-07 13:40 132848 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2011-12-24 10:54 . 2011-06-02 17:37 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuz2.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\Vuze_Remote\tbVuz2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuz2.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\tbVuz2.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-20 8462336]
"nwiz"="nwiz.exe" [2007-06-20 1626112]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-16 16855552]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 89541]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-09-15 815104]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2007-10-19 180224]
"AveoSTI.exe"="c:\program files\AVEO\AveoCap\AveoSTI.exe" [2007-11-06 24576]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-01-20 217088]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2007-03-06 212992]
"UnlockerAssistant"="c:\docume~1\HELLRI~1\LOCALS~1\Temp\UnlockerAssistant.exe" [2010-07-04 17408]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Akcelerátor spuštění AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-22 16:33 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InternetDownload_upgrade]
2009-01-05 06:27 361472 ----a-w- c:\program files\VersalSoft\InternetDownload\InternetDownload.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-08-03 23:02 36352 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector Express\\PDX.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\launch4j-tmp\\JDownloader.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"e:\\dc++\\StrongDC.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"e:\\Hry\\NHL08\\nhl2008.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"e:\\Hry\\Farming Simulator 2011\\FarmingSimulator2011.exe"=
"e:\\Hry\\Farming Simulator 2011\\game.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [6.11.2009 17:03 35712]
R0 sonyhcb;Sony Digital Imaging Base;c:\windows\system32\drivers\sonyhcb.sys [25.9.2011 13:19 6097]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.9.2008 12:50 717296]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 14:47 107256]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [24.2.2010 11:22 185472]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 14:47 731840]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [5.4.2007 10:29 208896]
R2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [17.9.2008 12:02 40960]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27.1.2010 3:09 50704]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [8.2.2011 14:46 14976]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [17.9.2008 12:02 9088]
S0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [6.11.2009 17:03 39680]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2.9.2009 19:47 133104]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2.9.2009 19:47 133104]
S3 PortTalk;PortTalk;c:\windows\system32\drivers\PortTalk.sys [18.8.2010 16:35 3567]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [7.2.2011 23:42 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [7.2.2011 23:42 11104]
S3 SliceDisk5;SliceDisk5;\??\c:\docume~1\HELLRI~1\LOCALS~1\Temp\FindAndMount\slicedisk.sys --> c:\docume~1\HELLRI~1\LOCALS~1\Temp\FindAndMount\slicedisk.sys [?]
S3 sonyhcs;Sony Digital Imaging Video;c:\windows\system32\drivers\sonyhcs.sys [25.9.2011 13:19 299923]
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-02 18:47]
.
2011-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-02 18:47]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download by VersalSoft Internet Download - c:\program files\VersalSoft\InternetDownload\adddownload.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.56.100 213.215.80.2
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\HellRiser\Data aplikací\Mozilla\Firefox\Profiles\e5uo4imy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/?ref=home
FF - prefs.js: network.proxy.type - 2
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Crash Bandicoot 3 (pSX 1.13 emulation) - c:\hry\Crash Bandicoot 3\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-28 13:20
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:47,f1,3b,16,1f,4b,5a,ea,de,73,1b,e0,e6,08,82,f1,85,a8,c1,0d,cd,fa,36,
30,4c,bb,15,ab,00,01,d6,1c,54,de,26,7b,e4,88,dc,3a,76,36,b5,98,05,83,e9,0b,\
"??"=hex:c6,6a,f7,8f,fe,3c,4f,61,41,8d,54,ac,87,80,6a,de
.
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\License information*]
"datasecu"=hex:61,de,d0,95,04,aa,5e,d9,de,65,3e,b3,4b,0f,b3,62,b8,73,96,ad,e6,
2f,b5,d4,97,05,73,6d,0b,86,21,b9,e7,b8,cb,34,b8,21,b3,a0,79,a1,ab,c8,08,23,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2336)
c:\docume~1\HELLRI~1\LOCALS~1\Temp\UnlockerHook.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\brss01a.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\O2Micro Oz128 Driver\o2flash.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
c:\windows\AGRSMMSG.exe
c:\program files\Mouse Driver\KMConfig.exe
c:\program files\Mouse Driver\KMProcess.exe
.
**************************************************************************
.
Completion time: 2011-12-28 13:25:40 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-28 12:25
.
Pre-Run: 4 308 189 184
Post-Run: 1 068 941 312
.
- - End Of File - - 6463223F5B2747572C509F002B7C8253
IE: Download by VersalSoft Internet Download - c:\program files\VersalSoft\InternetDownload\adddownload.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.56.100 213.215.80.2
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\HellRiser\Data aplikací\Mozilla\Firefox\Profiles\e5uo4imy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/?ref=home
FF - prefs.js: network.proxy.type - 2
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Crash Bandicoot 3 (pSX 1.13 emulation) - c:\hry\Crash Bandicoot 3\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-28 13:20
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:47,f1,3b,16,1f,4b,5a,ea,de,73,1b,e0,e6,08,82,f1,85,a8,c1,0d,cd,fa,36,
30,4c,bb,15,ab,00,01,d6,1c,54,de,26,7b,e4,88,dc,3a,76,36,b5,98,05,83,e9,0b,\
"??"=hex:c6,6a,f7,8f,fe,3c,4f,61,41,8d,54,ac,87,80,6a,de
.
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\License information*]
"datasecu"=hex:61,de,d0,95,04,aa,5e,d9,de,65,3e,b3,4b,0f,b3,62,b8,73,96,ad,e6,
2f,b5,d4,97,05,73,6d,0b,86,21,b9,e7,b8,cb,34,b8,21,b3,a0,79,a1,ab,c8,08,23,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2336)
c:\docume~1\HELLRI~1\LOCALS~1\Temp\UnlockerHook.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\brss01a.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\O2Micro Oz128 Driver\o2flash.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
c:\windows\AGRSMMSG.exe
c:\program files\Mouse Driver\KMConfig.exe
c:\program files\Mouse Driver\KMProcess.exe
.
**************************************************************************
.
Completion time: 2011-12-28 13:25:40 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-28 12:25
.
Pre-Run: 4 308 189 184
Post-Run: 1 068 941 312
.
- - End Of File - - 6463223F5B2747572C509F002B7C8253
Re: Requesting a check

- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
KillAll::

File::
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\003218_.tmp

Folder::
c:\program files\Winamp Toolbar

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"=-
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"=-
[-HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[-HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[-HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[-HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
[-HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"=-
[-HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"=-
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"Skype"=-
"PWRISOVM.EXE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UnlockerAssistant"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

Driver::
gupdate
gupdatem

RegNull::
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\License information*]
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]

Reboot::
- Save the resulting TXT file as CFScript.txt
- Drag the created CFScript.txt onto ComboFix and drop it to run it (see the picture below)
- After the script has been applied (and after a possible restart), a log will pop up; paste its contents here

Re: Requesting a check
ComboFix 11-12-28.02 - Administrator 29.12.2011 20:02:17.10.2 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.3071.2671 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: ESET Smart Security 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
FILE ::
"c:\windows\003218_.tmp"
"c:\windows\tasks\AppleSoftwareUpdate.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\GoogleEarth.exe
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\client\earthflashsol.exe
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\client\earthps.dll
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\client\ge_expat.dll
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\client\googleearth.exe
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\client\googleearth_free.dll
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\client\gpsbabel.exe
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\client\msvcp100.dll
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\client\msvcr100.dll
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\client\Plugins\npgeinprocessplugin.dll
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\client\wavdest.ax
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\plugin\earthps.dll
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\plugin\ge_expat.dll
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\plugin\geplugin.exe
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\plugin\googleearth_free.dll
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\plugin\msvcp100.dll
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\plugin\msvcr100.dll
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\plugin\npgeplugin.dll
c:\documents and settings\HellRiser\Local Settings\temp\._msige61\program files\Google\Google Earth\plugin\plugin_ax.dll
c:\documents and settings\HellRiser\Local Settings\temp\2.tmp
c:\documents and settings\HellRiser\Local Settings\temp\23.tmp
c:\documents and settings\HellRiser\Local Settings\temp\3.tmp
c:\documents and settings\HellRiser\Local Settings\temp\3640.tmp
c:\documents and settings\HellRiser\Local Settings\temp\4.tmp
c:\documents and settings\HellRiser\Local Settings\temp\5.tmp
c:\documents and settings\HellRiser\Local Settings\temp\6.tmp
c:\documents and settings\HellRiser\Local Settings\temp\7.tmp
c:\documents and settings\HellRiser\Local Settings\temp\8.tmp
c:\documents and settings\HellRiser\Local Settings\temp\88BA.tmp
c:\documents and settings\HellRiser\Local Settings\temp\8915.tmp
c:\documents and settings\HellRiser\Local Settings\temp\9.tmp
c:\documents and settings\HellRiser\Local Settings\temp\fdmC90F.tmp
c:\documents and settings\HellRiser\Local Settings\temp\install_flashplayer11x32_chra_aih.exe
c:\documents and settings\HellRiser\Local Settings\temp\SkypeSetup.exe
c:\documents and settings\HellRiser\Local Settings\temp\UnlockerAssistant.exe
c:\documents and settings\HellRiser\Local Settings\temp\UnlockerHook.dll
c:\program files\Winamp Toolbar
c:\program files\Winamp Toolbar\apopup.dll
c:\program files\Winamp Toolbar\install.log
c:\program files\Winamp Toolbar\msvcr71.dll
c:\program files\Winamp Toolbar\uninstall.exe
c:\program files\Winamp Toolbar\winamptb.dll
c:\program files\Winamp Toolbar\winampTbServer.exe
c:\program files\Winamp Toolbar\winamptbServerPS.dll
c:\program files\Winamp Toolbar\xprt5.dll
c:\windows\003218_.tmp
c:\windows\tasks\AppleSoftwareUpdate.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GUPDATE
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2011-11-28 to 2011-12-29 )))))))))))))))))))))))))))))))
.
.
2011-12-28 13:38 . 2011-12-28 13:38 -------- d-----w- c:\program files\Common Files\Spigot
2011-12-28 13:37 . 2011-12-28 13:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\YouTube Downloader
2011-12-28 13:37 . 2011-12-28 13:37 -------- d-----w- c:\program files\YouTube Downloader
2011-12-26 17:47 . 2011-12-26 17:47 -------- d-----w- c:\windows\l2schemas
2011-12-26 17:47 . 2011-12-26 17:47 -------- d-----w- c:\windows\system32\cs
2011-12-26 17:47 . 2011-12-26 17:47 -------- d-----w- c:\windows\system32\bits
2011-12-26 17:45 . 2008-04-14 07:51 33792 -c----w- c:\windows\system32\dllcache\custsat.dll
2011-12-26 17:42 . 2008-04-13 23:10 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 06:55 . 2011-11-23 06:55 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2010-01-26 17:11 . 2010-12-27 01:04 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
2006-01-23 09:32 . 2006-01-23 09:32 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2006-06-07 13:40 . 2006-06-07 13:40 132848 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2011-12-24 10:54 . 2011-06-02 17:37 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-28_12.20.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-29 19:19 . 2011-12-29 19:19 16384 c:\windows\temp\Perflib_Perfdata_430.dat
+ 2008-09-17 10:50 . 2011-12-29 21:36 41638 c:\windows\system32\nvModes.dat
+ 2008-03-04 02:17 . 2008-03-04 02:17 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30304.0_x-ww_003f2b36\msvcr90.dll
+ 2008-03-04 02:17 . 2008-03-04 02:17 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30304.0_x-ww_003f2b36\msvcp90.dll
+ 2008-03-03 20:52 . 2008-03-03 20:52 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30304.0_x-ww_003f2b36\msvcm90.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-20 8462336]
"nwiz"="nwiz.exe" [2007-06-20 1626112]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-16 16855552]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 89541]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-09-15 815104]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2007-10-19 180224]
"AveoSTI.exe"="c:\program files\AVEO\AveoCap\AveoSTI.exe" [2007-11-06 24576]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-01-20 217088]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2007-03-06 212992]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Akcelerátor spuštění AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InternetDownload_upgrade]
2009-01-05 06:27 361472 ----a-w- c:\program files\VersalSoft\InternetDownload\InternetDownload.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector Express\\PDX.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\launch4j-tmp\\JDownloader.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"e:\\dc++\\StrongDC.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"e:\\Hry\\NHL08\\nhl2008.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"e:\\Hry\\Farming Simulator 2011\\FarmingSimulator2011.exe"=
"e:\\Hry\\Farming Simulator 2011\\game.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [6.11.2009 17:03 35712]
R0 sonyhcb;Sony Digital Imaging Base;c:\windows\system32\drivers\sonyhcb.sys [25.9.2011 13:19 6097]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.9.2008 12:50 717296]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 14:47 107256]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [24.2.2010 11:22 185472]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 14:47 731840]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [5.4.2007 10:29 208896]
R2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [17.9.2008 12:02 40960]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27.1.2010 3:09 50704]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [8.2.2011 14:46 14976]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [17.9.2008 12:02 9088]
S0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [6.11.2009 17:03 39680]
S3 PortTalk;PortTalk;c:\windows\system32\drivers\PortTalk.sys [18.8.2010 16:35 3567]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [7.2.2011 23:42 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [7.2.2011 23:42 11104]
S3 SliceDisk5;SliceDisk5;\??\c:\docume~1\HELLRI~1\LOCALS~1\Temp\FindAndMount\slicedisk.sys --> c:\docume~1\HELLRI~1\LOCALS~1\Temp\FindAndMount\slicedisk.sys [?]
S3 sonyhcs;Sony Digital Imaging Video;c:\windows\system32\drivers\sonyhcs.sys [25.9.2011 13:19 299923]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download by VersalSoft Internet Download - c:\program files\VersalSoft\InternetDownload\adddownload.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.56.100 213.215.80.2
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\HellRiser\Data aplikací\Mozilla\Firefox\Profiles\e5uo4imy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/?ref=home
FF - prefs.js: network.proxy.type - 2
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-UnlockerAssistant - c:\docume~1\HELLRI~1\LOCALS~1\Temp\UnlockerAssistant.exe
AddRemove-Winamp Toolbar - c:\program files\Winamp Toolbar\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-30 00:55
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:47,f1,3b,16,1f,4b,5a,ea,de,73,1b,e0,e6,08,82,f1,85,a8,c1,0d,cd,fa,36,
30,4c,bb,15,ab,00,01,d6,1c,54,de,26,7b,e4,88,dc,3a,76,36,b5,98,05,83,e9,0b,\
"??"=hex:c6,6a,f7,8f,fe,3c,4f,61,41,8d,54,ac,87,80,6a,de
.
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\License information*]
"datasecu"=hex:61,de,d0,95,04,aa,5e,d9,de,65,3e,b3,4b,0f,b3,62,b8,73,96,ad,e6,
2f,b5,d4,97,05,73,6d,0b,86,21,b9,e7,b8,cb,34,b8,21,b3,a0,79,a1,ab,c8,08,23,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3668)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\brss01a.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\O2Micro Oz128 Driver\o2flash.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\AGRSMMSG.exe
c:\program files\Mouse Driver\KMConfig.exe
c:\program files\Mouse Driver\KMProcess.exe
.
**************************************************************************
.
Completion time: 2011-12-30 00:59:57 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-29 23:59
ComboFix2.txt 2011-12-28 12:25
.
Pre-Run: 6 091 018 240
Post-Run: 2 679 046 144
.
- - End Of File - - 89CE4C27887A027B04C1DCE38B8FA05E
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\launch4j-tmp\\JDownloader.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"e:\\dc++\\StrongDC.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"e:\\Hry\\NHL08\\nhl2008.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"e:\\Hry\\Farming Simulator 2011\\FarmingSimulator2011.exe"=
"e:\\Hry\\Farming Simulator 2011\\game.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [6.11.2009 17:03 35712]
R0 sonyhcb;Sony Digital Imaging Base;c:\windows\system32\drivers\sonyhcb.sys [25.9.2011 13:19 6097]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.9.2008 12:50 717296]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 14:47 107256]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [24.2.2010 11:22 185472]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 14:47 731840]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [5.4.2007 10:29 208896]
R2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [17.9.2008 12:02 40960]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27.1.2010 3:09 50704]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [8.2.2011 14:46 14976]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [17.9.2008 12:02 9088]
S0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [6.11.2009 17:03 39680]
S3 PortTalk;PortTalk;c:\windows\system32\drivers\PortTalk.sys [18.8.2010 16:35 3567]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [7.2.2011 23:42 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [7.2.2011 23:42 11104]
S3 SliceDisk5;SliceDisk5;\??\c:\docume~1\HELLRI~1\LOCALS~1\Temp\FindAndMount\slicedisk.sys --> c:\docume~1\HELLRI~1\LOCALS~1\Temp\FindAndMount\slicedisk.sys [?]
S3 sonyhcs;Sony Digital Imaging Video;c:\windows\system32\drivers\sonyhcs.sys [25.9.2011 13:19 299923]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download by VersalSoft Internet Download - c:\program files\VersalSoft\InternetDownload\adddownload.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.56.100 213.215.80.2
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\HellRiser\Data aplikací\Mozilla\Firefox\Profiles\e5uo4imy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/?ref=home
FF - prefs.js: network.proxy.type - 2
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-UnlockerAssistant - c:\docume~1\HELLRI~1\LOCALS~1\Temp\UnlockerAssistant.exe
AddRemove-Winamp Toolbar - c:\program files\Winamp Toolbar\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-30 00:55
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:47,f1,3b,16,1f,4b,5a,ea,de,73,1b,e0,e6,08,82,f1,85,a8,c1,0d,cd,fa,36,
30,4c,bb,15,ab,00,01,d6,1c,54,de,26,7b,e4,88,dc,3a,76,36,b5,98,05,83,e9,0b,\
"??"=hex:c6,6a,f7,8f,fe,3c,4f,61,41,8d,54,ac,87,80,6a,de
.
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\License information*]
"datasecu"=hex:61,de,d0,95,04,aa,5e,d9,de,65,3e,b3,4b,0f,b3,62,b8,73,96,ad,e6,
2f,b5,d4,97,05,73,6d,0b,86,21,b9,e7,b8,cb,34,b8,21,b3,a0,79,a1,ab,c8,08,23,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3668)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\brss01a.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\O2Micro Oz128 Driver\o2flash.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\AGRSMMSG.exe
c:\program files\Mouse Driver\KMConfig.exe
c:\program files\Mouse Driver\KMProcess.exe
.
**************************************************************************
.
Completion time: 2011-12-30 00:59:57 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-29 23:59
ComboFix2.txt 2011-12-28 12:25
.
Pre-Run: 6 091 018 240
Post-Run: 2 679 046 144
.
- - End Of File - - 89CE4C27887A027B04C1DCE38B8FA05E
Re: Requesting a check
One more script, same procedure
Code:
KillAll::
DirLook::
c:\windows\system32\cs
c:\windows\system32\bits
Folder::
c:\program files\Common Files\Spigot
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"=-
File::
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Akcelerátor spuštění AutoCADu.lnk
RegNull::
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\License information*]
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
Reboot::
Re: Requesting a check
ComboFix 11-12-28.02 - Administrator 30.12.2011 12:38:35.11.2 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.3071.2668 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: ESET Smart Security 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
FILE ::
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Akcelerátor spuštění AutoCADu.lnk"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\Spigot
c:\program files\Common Files\Spigot\Search Settings\yahoo_ff.xml
c:\program files\Common Files\Spigot\Search Settings\yahoo_ie.xml
.
.
((((((((((((((((((((((((( Files Created from 2011-11-28 to 2011-12-30 )))))))))))))))))))))))))))))))
.
.
2011-12-28 13:37 . 2011-12-28 13:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\YouTube Downloader
2011-12-28 13:37 . 2011-12-28 13:37 -------- d-----w- c:\program files\YouTube Downloader
2011-12-26 17:47 . 2011-12-26 17:47 -------- d-----w- c:\windows\l2schemas
2011-12-26 17:47 . 2011-12-26 17:47 -------- d-----w- c:\windows\system32\cs
2011-12-26 17:47 . 2011-12-26 17:47 -------- d-----w- c:\windows\system32\bits
2011-12-26 17:45 . 2008-04-14 07:51 33792 -c----w- c:\windows\system32\dllcache\custsat.dll
2011-12-26 17:42 . 2008-04-13 23:10 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 06:55 . 2011-11-23 06:55 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2010-01-26 17:11 . 2010-12-27 01:04 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
2006-01-23 09:32 . 2006-01-23 09:32 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2006-06-07 13:40 . 2006-06-07 13:40 132848 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2011-12-24 10:54 . 2011-06-02 17:37 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\windows\system32\bits ----
.
2011-12-26 17:47 . 2008-04-14 07:51 409088 ------w- c:\windows\system32\bits\qmgr.dll
.
---- Directory of c:\windows\system32\cs ----
.
2011-12-26 17:47 . 2008-04-14 07:51 16384 ------w- c:\windows\system32\cs\microsoft.managementconsole.resources.dll
2011-12-26 17:47 . 2008-04-14 07:51 36864 ------w- c:\windows\system32\cs\mmcex.resources.dll
2011-12-26 17:47 . 2008-04-14 07:51 5120 ------w- c:\windows\system32\cs\mmcfxcommon.resources.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-28_12.20.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-30 11:52 . 2011-12-30 11:52 16384 c:\windows\temp\Perflib_Perfdata_284.dat
+ 2008-09-17 10:50 . 2011-12-29 21:36 41638 c:\windows\system32\nvModes.dat
+ 2008-03-04 02:17 . 2008-03-04 02:17 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30304.0_x-ww_003f2b36\msvcr90.dll
+ 2008-03-04 02:17 . 2008-03-04 02:17 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30304.0_x-ww_003f2b36\msvcp90.dll
+ 2008-03-03 20:52 . 2008-03-03 20:52 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30304.0_x-ww_003f2b36\msvcm90.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-20 8462336]
"nwiz"="nwiz.exe" [2007-06-20 1626112]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-16 16855552]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 89541]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-09-15 815104]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2007-10-19 180224]
"AveoSTI.exe"="c:\program files\AVEO\AveoCap\AveoSTI.exe" [2007-11-06 24576]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2007-03-06 212992]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Akcelerátor spuštění AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InternetDownload_upgrade]
2009-01-05 06:27 361472 ----a-w- c:\program files\VersalSoft\InternetDownload\InternetDownload.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector Express\\PDX.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Java\\jre1.6.0_07\\launch4j-tmp\\JDownloader.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"e:\\dc++\\StrongDC.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"e:\\Hry\\NHL08\\nhl2008.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"e:\\Hry\\Farming Simulator 2011\\FarmingSimulator2011.exe"=
"e:\\Hry\\Farming Simulator 2011\\game.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [6.11.2009 17:03 35712]
R0 sonyhcb;Sony Digital Imaging Base;c:\windows\system32\drivers\sonyhcb.sys [25.9.2011 13:19 6097]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.9.2008 12:50 717296]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 14:47 107256]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [24.2.2010 11:22 185472]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 14:47 731840]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [5.4.2007 10:29 208896]
R2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [17.9.2008 12:02 40960]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27.1.2010 3:09 50704]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [8.2.2011 14:46 14976]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [17.9.2008 12:02 9088]
S0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [6.11.2009 17:03 39680]
S3 PortTalk;PortTalk;c:\windows\system32\drivers\PortTalk.sys [18.8.2010 16:35 3567]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [7.2.2011 23:42 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [7.2.2011 23:42 11104]
S3 SliceDisk5;SliceDisk5;\??\c:\docume~1\HELLRI~1\LOCALS~1\Temp\FindAndMount\slicedisk.sys --> c:\docume~1\HELLRI~1\LOCALS~1\Temp\FindAndMount\slicedisk.sys [?]
S3 sonyhcs;Sony Digital Imaging Video;c:\windows\system32\drivers\sonyhcs.sys [25.9.2011 13:19 299923]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download by VersalSoft Internet Download - c:\program files\VersalSoft\InternetDownload\adddownload.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.56.100 213.215.80.2
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\HellRiser\Data aplikací\Mozilla\Firefox\Profiles\e5uo4imy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/?ref=home
FF - prefs.js: network.proxy.type - 2
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-30 12:53
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:47,f1,3b,16,1f,4b,5a,ea,de,73,1b,e0,e6,08,82,f1,85,a8,c1,0d,cd,fa,36,
30,4c,bb,15,ab,00,01,d6,1c,54,de,26,7b,e4,88,dc,3a,76,36,b5,98,05,83,e9,0b,\
"??"=hex:c6,6a,f7,8f,fe,3c,4f,61,41,8d,54,ac,87,80,6a,de
.
[HKEY_USERS\S-1-5-21-839522115-725345543-2146989891-1003\Software\SecuROM\License information*]
"datasecu"=hex:61,de,d0,95,04,aa,5e,d9,de,65,3e,b3,4b,0f,b3,62,b8,73,96,ad,e6,
2f,b5,d4,97,05,73,6d,0b,86,21,b9,e7,b8,cb,34,b8,21,b3,a0,79,a1,ab,c8,08,23,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3736)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\brss01a.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\O2Micro Oz128 Driver\o2flash.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\RTHDCPL.EXE
c:\windows\AGRSMMSG.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\Mouse Driver\KMConfig.exe
c:\program files\Mouse Driver\KMProcess.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2011-12-30 12:57:20 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-30 11:57
ComboFix2.txt 2011-12-29 23:59
ComboFix3.txt 2011-12-28 12:25
.
Pre-Run: 5 915 090 944
Post-Run: 2 663 321 600
.
- - End Of File - - 8C370B7E990EE80ADE1B51AB89D322B7
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\O2Micro Oz128 Driver\o2flash.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\RTHDCPL.EXE
c:\windows\AGRSMMSG.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\Mouse Driver\KMConfig.exe
c:\program files\Mouse Driver\KMProcess.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2011-12-30 12:57:20 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-30 11:57
ComboFix2.txt 2011-12-29 23:59
ComboFix3.txt 2011-12-28 12:25
.
Pre-Run: 5 915 090 944
Post-Run: 2 663 321 600
.
- - End Of File - - 8C370B7E990EE80ADE1B51AB89D322B7
Re: Requesting a check
How is our patient?

Re: Requesting a check
Everything looks OK! So thanks for the help, and I wish you a pleasant rest of the day.
