Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
VIRUS RECYCLER NA PAMETOVCE
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
- Návštěvník
- Příspěvky: 44
- Registrován: 16 čer 2012 12:17
- Bydliště: Břeclav
- Kontaktovat uživatele:
Re: VIRUS RECYCLER NA PAMETOVCE
V tom C:\Documents and Settings\Monika\Local Settings\Data aplikací jsem žádný takový soubo neviděl, i kdyz jsem měl zapnuté zobrazení skrytých souborů.
Ten druhý soubor jsem neznal, smázl jsem ho.
Ten druhý soubor jsem neznal, smázl jsem ho.
Re: VIRUS RECYCLER NA PAMETOVCE
Spustte OTL
-do bílého okna dole skopírujte tento skript:
-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde
-do bílého okna dole skopírujte tento skript:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm??
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/??
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}??
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}??
IE - HKU\S-1-5-21-725345543-1993962763-2147133589-1004\..\SearchScopes\${searchCLSID}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC??
IE - HKU\S-1-5-21-725345543-1993962763-2147133589-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC??
[2010.02.26 22:52:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Extensions??
[2012.07.27 08:21:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions??
[2012.07.17 09:12:31 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}??
[2012.07.27 08:21:51 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}??
[2011.10.28 18:51:23 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}??
[2010.12.25 17:33:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash??
[2012.06.15 17:44:16 | 000,000,000 | ---D | M] (blekko search bar) -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{b57a9eb1-0e57-4850-a701-4d169538e6ed}??
[2010.05.22 13:34:56 | 000,000,000 | ---D | M] (Illimitux) -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\illimitux@illimitux.net??
[2012.07.25 08:27:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-1.xml??
[2012.06.17 09:57:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-10.xml??
[2011.10.01 00:16:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-11.xml??
[2011.11.26 11:27:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-12.xml??
[2012.01.14 19:37:03 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-13.xml??
[2012.02.12 16:16:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-14.xml??
[2012.02.17 22:28:03 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-15.xml??
[2012.03.20 19:42:40 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-16.xml??
[2012.07.18 08:51:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-17.xml??
[2011.09.01 20:38:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-2.xml??
[2011.03.06 17:36:45 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-3.xml??
[2011.03.22 20:51:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-4.xml??
[2011.03.22 23:28:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-5.xml??
[2011.06.21 22:01:54 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-6.xml??
[2011.08.16 22:48:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-7.xml??
[2011.08.17 21:09:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-8.xml??
[2011.09.07 20:27:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-9.xml??
[2012.07.24 14:48:30 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin.gif??
[2012.07.24 14:48:30 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin.src??
[2010.10.28 16:12:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin.xml??
[2012.06.16 12:58:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions??
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found.??
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)??
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Documents and Settings\All Users\Data aplikací\30c9241b
C:\Documents and Settings\Monika\Local Settings\Data aplikací\65509add
C:\Documents and Settings\All Users\Data aplikací\blekko toolbars
c:\documents and settings\Monika\Data aplikací\Bwtstt.exe
:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]
-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
- Návštěvník
- Příspěvky: 44
- Registrován: 16 čer 2012 12:17
- Bydliště: Břeclav
- Kontaktovat uživatele:
Re: VIRUS RECYCLER NA PAMETOVCE
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-725345543-1993962763-2147133589-1004\Software\Microsoft\Internet Explorer\SearchScopes\{searchCLSID}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchCLSID}\ not found.
Registry key HKEY_USERS\S-1-5-21-725345543-1993962763-2147133589-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Extensions??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{b57a9eb1-0e57-4850-a701-4d169538e6ed}??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\illimitux@illimitux.net??\ not found.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin.gif moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin.src moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin.xml moved successfully.
Folder C:\Program Files\Mozilla Firefox\extensions??\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
File C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)?? not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002511_.tmp moved successfully.
C:\WINDOWS\SET21.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP11D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13A0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F01.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP217.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP25.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP272.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP288.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP29FB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP306.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP33C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3CA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3E5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP40F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP41C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP429.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP475.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP47C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4A9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4F9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP519.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP606.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP780.tmp folder moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\system32\tmp-00012601.tmp moved successfully.
C:\WINDOWS\system32\tmp-000184EA.tmp moved successfully.
C:\WINDOWS\system32\xdent.tmp moved successfully.
File\Folder C:\Documents and Settings\All Users\Data aplikací\30c9241b not found.
C:\Documents and Settings\Monika\Local Settings\Data aplikací\65509add moved successfully.
File\Folder C:\Documents and Settings\All Users\Data aplikací\blekko toolbars not found.
File\Folder c:\documents and settings\Monika\Data aplikací\Bwtstt.exe not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Monika
->Temp folder emptied: 719078 bytes
->Temporary Internet Files folder emptied: 3425348 bytes
->Java cache emptied: 5938061 bytes
->FireFox cache emptied: 224212343 bytes
->Flash cache emptied: 4193 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 827109 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 224,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: Monika
->Flash cache emptied: 0 bytes
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.55.0 log created on 07292012_160857
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== OTL ==========
No active process named explorer.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-725345543-1993962763-2147133589-1004\Software\Microsoft\Internet Explorer\SearchScopes\{searchCLSID}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchCLSID}\ not found.
Registry key HKEY_USERS\S-1-5-21-725345543-1993962763-2147133589-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Extensions??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\{b57a9eb1-0e57-4850-a701-4d169538e6ed}??\ not found.
Folder C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\illimitux@illimitux.net??\ not found.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin.gif moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin.src moved successfully.
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\searchplugins\icqplugin.xml moved successfully.
Folder C:\Program Files\Mozilla Firefox\extensions??\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
File C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)?? not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002511_.tmp moved successfully.
C:\WINDOWS\SET21.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP11D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13A0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F01.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP217.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP25.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP272.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP288.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP29FB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP306.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP33C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3CA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3E5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP40F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP41C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP429.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP475.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP47C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4A9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4F9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP519.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP606.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP780.tmp folder moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\system32\tmp-00012601.tmp moved successfully.
C:\WINDOWS\system32\tmp-000184EA.tmp moved successfully.
C:\WINDOWS\system32\xdent.tmp moved successfully.
File\Folder C:\Documents and Settings\All Users\Data aplikací\30c9241b not found.
C:\Documents and Settings\Monika\Local Settings\Data aplikací\65509add moved successfully.
File\Folder C:\Documents and Settings\All Users\Data aplikací\blekko toolbars not found.
File\Folder c:\documents and settings\Monika\Data aplikací\Bwtstt.exe not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Monika
->Temp folder emptied: 719078 bytes
->Temporary Internet Files folder emptied: 3425348 bytes
->Java cache emptied: 5938061 bytes
->FireFox cache emptied: 224212343 bytes
->Flash cache emptied: 4193 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 827109 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 224,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: Monika
->Flash cache emptied: 0 bytes
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.55.0 log created on 07292012_160857
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: VIRUS RECYCLER NA PAMETOVCE
Co počítač?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
- Návštěvník
- Příspěvky: 44
- Registrován: 16 čer 2012 12:17
- Bydliště: Břeclav
- Kontaktovat uživatele:
Re: VIRUS RECYCLER NA PAMETOVCE
Zda se byr v pořádku. Teď bych pro jistotu zkusil ještě otestovat notas, ať mám jistotu, že jsem si to neprenesl z velkého Pc. Co na to použít?
Re: VIRUS RECYCLER NA PAMETOVCE
Začněte rsitem a usbfixem, ale prosím založte nový topic a napištwe pro motji. bohužel tu ted bývám jen večer.
Za dva dny bych ještě tento pc zkontrolovala combofixem.
Za dva dny bych ještě tento pc zkontrolovala combofixem.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: VIRUS RECYCLER NA PAMETOVCE
Poprosila bych o nový log z combofixu
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
- Návštěvník
- Příspěvky: 44
- Registrován: 16 čer 2012 12:17
- Bydliště: Břeclav
- Kontaktovat uživatele:
Re: VIRUS RECYCLER NA PAMETOVCE
ComboFix 12-07-08.01 - Monika 04.08.2012 14:30:56.6.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.663 [GMT 2:00]
Spuštěný z: c:\documents and settings\Monika\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-04 do 2012-08-04 )))))))))))))))))))))))))))))))
.
.
2012-07-29 14:08 . 2012-07-29 14:08 -------- d-----w- C:\_OTL
2012-07-27 06:32 . 2012-07-27 06:32 512 ----a-w- C:\PhysicalMBR.bin
2012-07-26 05:26 . 2012-07-26 05:26 -------- d-----w- c:\program files\trend micro
2012-07-26 05:26 . 2012-07-26 05:26 -------- d-----w- C:\rsit
2012-07-17 07:36 . 2012-07-18 12:48 -------- d-----w- c:\program files\Red Alert 2 Yuri's Revenge
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-04 01:10 . 2012-04-05 15:51 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-04 01:10 . 2011-05-14 12:37 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-16 13:19 . 2012-06-16 12:09 2004 ----a-w- C:\UsbFix_Upload_Me_MONIKA-PC.zip
2012-06-16 10:57 . 2012-06-16 10:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-16 10:57 . 2012-06-16 10:58 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-16 10:57 . 2010-05-12 16:26 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-13 13:55 . 2006-03-02 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2008-04-14 03:21 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2006-03-02 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 15:35 . 2010-08-24 07:18 222448 ----a-w- c:\windows\system32\muweb.dll
2012-06-04 04:32 . 2006-03-02 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2010-02-26 20:36 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2010-02-26 20:36 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2010-02-26 19:50 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2010-02-26 19:50 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2010-02-26 19:50 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2010-02-26 20:36 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2010-02-26 20:36 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2010-02-26 20:36 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2010-02-26 19:50 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2010-02-26 19:50 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2006-03-02 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2010-02-26 19:50 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2010-02-26 19:50 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2010-08-24 07:18 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2010-08-24 07:18 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-05-31 13:22 . 2006-03-02 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:09 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:44 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-07-18 06:50 . 2011-03-22 18:50 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-08_15.06.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-04 10:34 . 2012-08-04 10:34 16384 c:\windows\temp\Perflib_Perfdata_fc.dat
+ 2012-08-04 01:10 . 2012-08-04 01:10 686792 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_270_Plugin.exe
+ 2012-08-04 00:10 . 2012-08-04 00:10 686792 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.exe
+ 2012-08-04 00:10 . 2012-08-04 00:10 466632 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.dll
+ 2012-04-05 15:51 . 2012-08-04 01:10 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
- 2012-04-05 15:51 . 2012-06-25 13:10 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2010-02-26 20:38 . 2012-07-11 14:42 210488 c:\windows\system32\FNTCACHE.DAT
- 2010-02-26 20:38 . 2012-06-14 19:10 210488 c:\windows\system32\FNTCACHE.DAT
+ 2009-06-25 08:27 . 2012-06-04 04:32 152576 c:\windows\system32\dllcache\schannel.dll
- 2010-02-26 19:50 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2010-02-26 19:50 . 2012-05-28 18:16 536576 c:\windows\system32\dllcache\msado15.dll
- 2011-06-17 12:43 . 2011-06-17 12:43 371272 c:\windows\Installer\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}\SkypeIcon.exe
+ 2012-07-16 09:13 . 2012-07-16 09:13 371272 c:\windows\Installer\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}\SkypeIcon.exe
+ 2006-03-02 12:00 . 2012-06-08 14:25 8466944 c:\windows\system32\shell32.dll
+ 2012-08-04 01:10 . 2012-08-04 01:10 9465032 c:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
+ 2009-08-14 15:15 . 2012-06-13 13:55 1866112 c:\windows\system32\dllcache\win32k.sys
+ 2008-06-17 19:02 . 2012-06-08 14:25 8466944 c:\windows\system32\dllcache\shell32.dll
+ 2008-04-14 03:21 . 2012-06-05 15:49 1372672 c:\windows\system32\dllcache\msxml6.dll
- 2008-04-14 03:21 . 2009-07-31 09:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2010-02-26 20:44 . 2012-06-05 15:49 1172480 c:\windows\system32\dllcache\msxml3.dll
- 2010-02-26 20:44 . 2010-06-14 07:43 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2010-02-26 22:32 . 2012-07-11 14:38 57442464 c:\windows\system32\MRT.exe
+ 2012-06-15 15:44 . 2012-08-04 12:37 521639968 c:\windows\system32\drivers\fidbox.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\windows\system32\qttask.exe" [2010-02-26 98304]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-03-31 2145000]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 90112]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Anti-phishing Domain Advisor"="c:\documents and settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-05-03 217256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Hlavní panel ATI CATALYST.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Hlavní panel ATI CATALYST.lnk
backup=c:\windows\pss\Hlavní panel ATI CATALYST.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-09-25 07:12 45056 ----a-w- c:\program files\ATI Technologies\ATI.ACE\CLI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
2005-06-28 20:05 344064 -c--a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService]
2004-06-11 03:15 83968 ----a-r- c:\windows\system32\nvraidservice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-02-26 23:11 98304 ----a-w- c:\windows\system32\qttask.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Red Alert 2 Yuri's Revenge\\gamemd.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"13309:TCP"= 13309:TCP:BitComet 13309 TCP
"13309:UDP"= 13309:UDP:BitComet 13309 UDP
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [31.3.2010 8:22 114984]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [31.3.2010 8:23 95872]
R1 is-D72FGdrv;is-D72FGdrv;c:\windows\system32\drivers\24392970.sys [16.6.2012 14:40 148496]
R1 is-SGD7Ddrv;is-SGD7Ddrv;c:\windows\system32\drivers\87520850.sys [15.6.2012 17:44 148496]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [31.3.2010 8:23 810120]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [18.1.2012 18:49 366152]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [18.1.2012 18:49 22216]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [5.4.2012 17:51 250056]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [20.1.2011 19:18 13224]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [30.4.2012 9:55 113120]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 01:10]
.
2012-08-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-725345543-1993962763-2147133589-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
2012-03-12 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-725345543-1993962763-2147133589-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page =
mSearch Bar =
uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe" //mailurl:mailto:reklama@europrinty.eu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.0&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-04 14:37
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(688)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3920)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2012-08-04 14:39:29
ComboFix-quarantined-files.txt 2012-08-04 12:39
ComboFix2.txt 2012-07-26 16:54
ComboFix3.txt 2012-07-25 13:33
ComboFix4.txt 2012-07-25 06:23
ComboFix5.txt 2012-08-04 12:28
.
Před spuštěním: 313 151 488
Po spuštění: 301 682 688
.
- - End Of File - - CEA48A1FED8185BE36C32484EF81B529
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.663 [GMT 2:00]
Spuštěný z: c:\documents and settings\Monika\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-04 do 2012-08-04 )))))))))))))))))))))))))))))))
.
.
2012-07-29 14:08 . 2012-07-29 14:08 -------- d-----w- C:\_OTL
2012-07-27 06:32 . 2012-07-27 06:32 512 ----a-w- C:\PhysicalMBR.bin
2012-07-26 05:26 . 2012-07-26 05:26 -------- d-----w- c:\program files\trend micro
2012-07-26 05:26 . 2012-07-26 05:26 -------- d-----w- C:\rsit
2012-07-17 07:36 . 2012-07-18 12:48 -------- d-----w- c:\program files\Red Alert 2 Yuri's Revenge
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-04 01:10 . 2012-04-05 15:51 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-04 01:10 . 2011-05-14 12:37 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-16 13:19 . 2012-06-16 12:09 2004 ----a-w- C:\UsbFix_Upload_Me_MONIKA-PC.zip
2012-06-16 10:57 . 2012-06-16 10:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-16 10:57 . 2012-06-16 10:58 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-16 10:57 . 2010-05-12 16:26 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-13 13:55 . 2006-03-02 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2008-04-14 03:21 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2006-03-02 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 15:35 . 2010-08-24 07:18 222448 ----a-w- c:\windows\system32\muweb.dll
2012-06-04 04:32 . 2006-03-02 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2010-02-26 20:36 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2010-02-26 20:36 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2010-02-26 19:50 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2010-02-26 19:50 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2010-02-26 19:50 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2010-02-26 20:36 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2010-02-26 20:36 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2010-02-26 20:36 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2010-02-26 19:50 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2010-02-26 19:50 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2006-03-02 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2010-02-26 19:50 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2010-02-26 19:50 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2010-08-24 07:18 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2010-08-24 07:18 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-05-31 13:22 . 2006-03-02 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:09 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:44 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-07-18 06:50 . 2011-03-22 18:50 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-08_15.06.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-04 10:34 . 2012-08-04 10:34 16384 c:\windows\temp\Perflib_Perfdata_fc.dat
+ 2012-08-04 01:10 . 2012-08-04 01:10 686792 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_270_Plugin.exe
+ 2012-08-04 00:10 . 2012-08-04 00:10 686792 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.exe
+ 2012-08-04 00:10 . 2012-08-04 00:10 466632 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.dll
+ 2012-04-05 15:51 . 2012-08-04 01:10 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
- 2012-04-05 15:51 . 2012-06-25 13:10 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2010-02-26 20:38 . 2012-07-11 14:42 210488 c:\windows\system32\FNTCACHE.DAT
- 2010-02-26 20:38 . 2012-06-14 19:10 210488 c:\windows\system32\FNTCACHE.DAT
+ 2009-06-25 08:27 . 2012-06-04 04:32 152576 c:\windows\system32\dllcache\schannel.dll
- 2010-02-26 19:50 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2010-02-26 19:50 . 2012-05-28 18:16 536576 c:\windows\system32\dllcache\msado15.dll
- 2011-06-17 12:43 . 2011-06-17 12:43 371272 c:\windows\Installer\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}\SkypeIcon.exe
+ 2012-07-16 09:13 . 2012-07-16 09:13 371272 c:\windows\Installer\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}\SkypeIcon.exe
+ 2006-03-02 12:00 . 2012-06-08 14:25 8466944 c:\windows\system32\shell32.dll
+ 2012-08-04 01:10 . 2012-08-04 01:10 9465032 c:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
+ 2009-08-14 15:15 . 2012-06-13 13:55 1866112 c:\windows\system32\dllcache\win32k.sys
+ 2008-06-17 19:02 . 2012-06-08 14:25 8466944 c:\windows\system32\dllcache\shell32.dll
+ 2008-04-14 03:21 . 2012-06-05 15:49 1372672 c:\windows\system32\dllcache\msxml6.dll
- 2008-04-14 03:21 . 2009-07-31 09:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2010-02-26 20:44 . 2012-06-05 15:49 1172480 c:\windows\system32\dllcache\msxml3.dll
- 2010-02-26 20:44 . 2010-06-14 07:43 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2010-02-26 22:32 . 2012-07-11 14:38 57442464 c:\windows\system32\MRT.exe
+ 2012-06-15 15:44 . 2012-08-04 12:37 521639968 c:\windows\system32\drivers\fidbox.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\windows\system32\qttask.exe" [2010-02-26 98304]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-03-31 2145000]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 90112]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Anti-phishing Domain Advisor"="c:\documents and settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-05-03 217256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Hlavní panel ATI CATALYST.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Hlavní panel ATI CATALYST.lnk
backup=c:\windows\pss\Hlavní panel ATI CATALYST.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-09-25 07:12 45056 ----a-w- c:\program files\ATI Technologies\ATI.ACE\CLI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
2005-06-28 20:05 344064 -c--a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService]
2004-06-11 03:15 83968 ----a-r- c:\windows\system32\nvraidservice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-02-26 23:11 98304 ----a-w- c:\windows\system32\qttask.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Red Alert 2 Yuri's Revenge\\gamemd.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"13309:TCP"= 13309:TCP:BitComet 13309 TCP
"13309:UDP"= 13309:UDP:BitComet 13309 UDP
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [31.3.2010 8:22 114984]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [31.3.2010 8:23 95872]
R1 is-D72FGdrv;is-D72FGdrv;c:\windows\system32\drivers\24392970.sys [16.6.2012 14:40 148496]
R1 is-SGD7Ddrv;is-SGD7Ddrv;c:\windows\system32\drivers\87520850.sys [15.6.2012 17:44 148496]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [31.3.2010 8:23 810120]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [18.1.2012 18:49 366152]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [18.1.2012 18:49 22216]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [5.4.2012 17:51 250056]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [20.1.2011 19:18 13224]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [30.4.2012 9:55 113120]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 01:10]
.
2012-08-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-725345543-1993962763-2147133589-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
2012-03-12 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-725345543-1993962763-2147133589-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page =
mSearch Bar =
uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe" //mailurl:mailto:reklama@europrinty.eu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.0&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-04 14:37
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(688)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3920)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2012-08-04 14:39:29
ComboFix-quarantined-files.txt 2012-08-04 12:39
ComboFix2.txt 2012-07-26 16:54
ComboFix3.txt 2012-07-25 13:33
ComboFix4.txt 2012-07-25 06:23
ComboFix5.txt 2012-08-04 12:28
.
Před spuštěním: 313 151 488
Po spuštění: 301 682 688
.
- - End Of File - - CEA48A1FED8185BE36C32484EF81B529
Re: VIRUS RECYCLER NA PAMETOVCE
Vypadá to dobře, co počítač?
Ještě otestujte na www.virustotal.com
c:\windows\system32\drivers\24392970.sys
c:\windows\system32\drivers\87520850.sys
Ještě otestujte na www.virustotal.com
c:\windows\system32\drivers\24392970.sys
c:\windows\system32\drivers\87520850.sys
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
- Návštěvník
- Příspěvky: 44
- Registrován: 16 čer 2012 12:17
- Bydliště: Břeclav
- Kontaktovat uživatele:
Re: VIRUS RECYCLER NA PAMETOVCE
Tak oba testované soubory měly nulu. Tak snad to bude vše v pořádku.
Re: VIRUS RECYCLER NA PAMETOVCE
Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:
ComboFix /Uninstall
-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.
***********
Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe
-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir
***********
Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru
záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner
záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít
Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.
Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.
***********
Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech
***********
Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?
- zkopírujte do okénka:
ComboFix /Uninstall
-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.
***********
Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe
-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir
***********
Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru
záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner
záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít
Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.
Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.
***********
Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech
***********
Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
- Návštěvník
- Příspěvky: 44
- Registrován: 16 čer 2012 12:17
- Bydliště: Břeclav
- Kontaktovat uživatele:
Re: VIRUS RECYCLER NA PAMETOVCE
Logfile of random's system information tool 1.09 (written by random/random)
Run by Monika at 2012-08-06 09:29:29
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 538 MB (3%) free of 20 GB
Total RAM: 1023 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:29:34, on 6.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Monika\Plocha\RSIT.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\trend micro\Monika.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" //mailurl:mailto:reklama@europrinty.eu
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7216548875
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0366517953
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 6805 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-725345543-1993962763-2147133589-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-725345543-1993962763-2147133589-1004.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, illimitux@illimitux.net:4.0, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, jqs@sun.com:1.0, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.25, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.3&q="
"{4C0766D3-67A7-45a3-85A2-752F77312F32}"=C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
msservice.js
nsIBitCometAgent.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\
illimitux@illimitux.net
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{800b5000-a755-47e1-992b-48a1c1357f07}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
{b57a9eb1-0e57-4850-a701-4d169538e6ed}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-16 329480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-16 59144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-06-16 79624]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\WINDOWS\system32\qttask.exe [2010-02-27 98304]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-31 2145000]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-09-25 90112]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"Anti-phishing Domain Advisor"=C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-05-03 217256]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-09-25 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-28 344064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService]
C:\WINDOWS\system32\nvraidservice.exe [2004-06-11 83968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\WINDOWS\system32\qttask.exe [2010-02-27 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Hlavní panel ATI CATALYST.lnk]
C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe [2006-09-25 45056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-11-22 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\WINDOWS\system32\winver.exe"="C:\WINDOWS\system32\winver.exe:*:Enabled:winver"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Red Alert 2 Yuri's Revenge\gamemd.exe"="C:\Program Files\Red Alert 2 Yuri's Revenge\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.iac2"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\iac25_32.ax
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.avrn"=C:\PROGRA~1\MEGACO~1\SystemS\AVIDAV~1.DLL
"vidc.advj"=C:\PROGRA~1\MEGACO~1\SystemS\AVIDAV~1.DLL
"vidc.mszh"=C:\PROGRA~1\MEGACO~1\SystemS\avimszh.dll
"vidc.zlib"=C:\PROGRA~1\MEGACO~1\SystemS\avizlib.dll
"vidc.cscd"=C:\PROGRA~1\MEGACO~1\SystemS\camcodec.dll
"vidc.cvid"=C:\PROGRA~1\MEGACO~1\SystemS\iccvid.dll
"msacm.trspch"=C:\PROGRA~1\MEGACO~1\SystemS\tssoft32.acm
"vidc.em2v"=C:\PROGRA~1\MEGACO~1\SystemS\etxcodec.dll
"vidc.mkvc"=C:\PROGRA~1\MEGACO~1\SystemS\kmvidc32.dll
"vidc.hfyu"=C:\PROGRA~1\MEGACO~1\SystemS\huffyuv.dll
"msacm.lameacm"=C:\PROGRA~1\MEGACO~1\SystemS\lameacm.acm
"msacm.lhacm"=C:\PROGRA~1\MEGACO~1\SystemS\lhacm.acm
"msacm.l3acm"=C:\PROGRA~1\MEGACO~1\SystemS\l3codecp.acm
"vidc.sjpg"=C:\PROGRA~1\MEGACO~1\SystemS\pmjpeg32.dll
"vidc.dmb2"=C:\PROGRA~1\MEGACO~1\SystemS\pmjpeg32.dll
"vidc.gepj"=C:\PROGRA~1\MEGACO~1\SystemS\pmjpeg32.dll
"vidc.qpeg"=C:\PROGRA~1\MEGACO~1\SystemS\Qpeg32.dll
"vidc.q1.0"=C:\PROGRA~1\MEGACO~1\SystemS\Qpeg32.dll
"msacm.sl_anet"=C:\PROGRA~1\MEGACO~1\SystemS\sl_anet.acm
"vidc.tscc"=C:\PROGRA~1\MEGACO~1\SystemS\tsccvid.dll
"vidc.vifp"=C:\PROGRA~1\MEGACO~1\SystemS\vfcodec.dll
"vidc.wrpr"=C:\PROGRA~1\MEGACO~1\SystemS\aviwrap.dll
"vidc.wnv1"=C:\PROGRA~1\MEGACO~1\SystemS\wnvplay1.dll
"vidc.advs"=C:\PROGRA~1\MEGACO~1\SystemS\Adaptec\Dvc.dll
"vidc.aflc"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.afli"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.aasc"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\Aasc32.dll
"vidc.aas4"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\Aasc32.dll
"vidc.asv1"=C:\PROGRA~1\MEGACO~1\SystemS\ASUS\asusasv1.dll
"vidc.asv2"=C:\PROGRA~1\MEGACO~1\SystemS\ASUS\asusasv2.dll
"vidc.asvx"=C:\PROGRA~1\MEGACO~1\SystemS\ASUS\asusasv2.dll
"vidc.vcr1"=C:\PROGRA~1\MEGACO~1\SystemS\ATI\ativcr1.dll
"vidc.vcr2"=C:\PROGRA~1\MEGACO~1\SystemS\ATI\ativcr2.dll
"vidc.mwv1"=C:\PROGRA~1\MEGACO~1\SystemS\Aware\icmw_32.dll
"vidc.bt20"=C:\PROGRA~1\MEGACO~1\SystemS\BROOKT~1\btvvc32.drv
"vidc.y41p"=C:\PROGRA~1\MEGACO~1\SystemS\BROOKT~1\btvvc32.drv
"msacm.pcdv"=C:\PROGRA~1\MEGACO~1\SystemS\Canopus\pcdv.acm
"vidc.cdvc"=C:\PROGRA~1\MEGACO~1\SystemS\Canopus\CSCCDVC.DLL
"vidc.ddvc"=C:\PROGRA~1\MEGACO~1\SystemS\Canopus\CSCdvsd.DLL
"vidc.png1"=C:\PROGRA~1\MEGACO~1\SystemS\Core\COREPN~1.DLL
"msacm.CoreFLAC_ACM"=C:\PROGRA~1\MEGACO~1\SystemS\Core\COREFL~1.ACM
"vidc.davc"=C:\PROGRA~1\MEGACO~1\SystemS\dicas\davcvfw.dll
"vidc.div3"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32.dll
"vidc.div5"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32.dll
"vidc.mpg3"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32.dll
"vidc.div4"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32f.dll
"vidc.div6"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32f.dll
"vidc.ap41"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32f.dll
"vidc.dvx4"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\divx4.dll
"msacm.divxa32"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\divxa32.acm
"vidc.frwd"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwd.dll
"vidc.frwt"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwd.dll
"vidc.frwa"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwt.dll
"vidc.frwu"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwu.dll
"vidc.glzw"=C:\PROGRA~1\MEGACO~1\SystemS\Gabest\GLZW.dll
"vidc.gpeg"=C:\PROGRA~1\MEGACO~1\SystemS\Gabest\GPEG.dll
"vidc.i263"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\i263_32.drv
"vidc.iv30"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv31"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv32"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv33"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv34"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv35"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv36"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv37"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv38"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv39"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv40"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv41"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv42"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv43"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv44"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv45"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv46"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv47"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv48"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv49"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv50"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir50_32.dll
"vidc.iyuv"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\Iyvu9_32.dll
"vidc.ir21"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\IR21_R.DLL
"vidc.rt21"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\IR21_R.DLL
"msacm.imc"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\IMC32.ACM
"vidc.lead"=C:\PROGRA~1\MEGACO~1\SystemS\LEAD\LCODCCMP.DLL
"vidc.dvsd"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvc"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvcs"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dcmj"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi1"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi2"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.dv25"=C:\PROGRA~1\MEGACO~1\SystemS\Matrox\DigiVCap.dll
"vidc.dv50"=C:\PROGRA~1\MEGACO~1\SystemS\Matrox\DigiVCap.dll
"vidc.msmc"=C:\PROGRA~1\MEGACO~1\SystemS\Matrox\DigiVCap.dll
======List of files/folders created in the last 1 month======
2012-08-06 09:29:29 ----D---- C:\rsit
2012-08-06 09:03:14 ----D---- C:\Program Files\ICQ7M
2012-08-04 20:21:56 ----SHD---- C:\RECYCLER
2012-08-04 13:28:04 ----D---- C:\Documents and Settings\Monika\Data aplikací\WinRAR
2012-07-26 18:46:55 ----D---- C:\WINDOWS\temp
2012-07-26 07:26:02 ----D---- C:\Program Files\trend micro
2012-07-17 09:36:53 ----D---- C:\Program Files\Red Alert 2 Yuri's Revenge
2012-07-11 16:41:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-07-11 16:38:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-07-11 16:37:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-07-11 16:37:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-07-11 16:37:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-07-08 16:51:55 ----RAD---- C:\Autorun.inf
======List of files/folders modified in the last 1 month======
2012-08-06 09:29:26 ----D---- C:\WINDOWS\Prefetch
2012-08-06 09:14:25 ----D---- C:\Documents and Settings\Monika\Data aplikací\ICQ
2012-08-06 09:13:47 ----D---- C:\WINDOWS
2012-08-06 09:11:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-06 09:04:27 ----HD---- C:\Program Files\InstallShield Installation Information
2012-08-06 09:03:14 ----D---- C:\Program Files
2012-08-06 09:00:30 ----SHD---- C:\System Volume Information
2012-08-06 09:00:30 ----D---- C:\WINDOWS\system32\Restore
2012-08-06 09:00:26 ----D---- C:\WINDOWS\system32\drivers
2012-08-04 14:37:13 ----A---- C:\WINDOWS\system.ini
2012-08-04 14:34:34 ----D---- C:\WINDOWS\system32
2012-08-04 14:34:34 ----D---- C:\WINDOWS\AppPatch
2012-08-04 14:34:31 ----D---- C:\Program Files\Common Files
2012-08-04 14:30:13 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-04 03:44:28 ----D---- C:\Program Files\Czech Soccer Manager 2002 FE
2012-08-04 03:10:16 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-29 16:09:33 ----D---- C:\WINDOWS\system32\drivers\etc
2012-07-25 15:25:43 ----D---- C:\WINDOWS\system32\config
2012-07-21 02:08:31 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-07-18 08:51:06 ----D---- C:\Program Files\Mozilla Firefox
2012-07-17 09:36:25 ----D---- C:\Downloads
2012-07-17 09:26:50 ----D---- C:\Program Files\BitComet
2012-07-16 11:26:56 ----D---- C:\Documents and Settings\Monika\Data aplikací\Skype
2012-07-16 11:13:27 ----SHD---- C:\WINDOWS\Installer
2012-07-12 15:49:32 ----D---- C:\WINDOWS\Debug
2012-07-11 16:41:10 ----HD---- C:\WINDOWS\inf
2012-07-11 16:41:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-11 16:41:03 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-11 16:38:18 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2004-04-02 21760]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 nvraid;NVIDIA NForce(tm) ATA RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2004-06-03 68224]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-03-31 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-03-31 95872]
R1 is-D72FGdrv;is-D72FGdrv; C:\WINDOWS\system32\DRIVERS\24392970.sys [2008-07-08 148496]
R1 is-SGD7Ddrv;is-SGD7Ddrv; C:\WINDOWS\system32\DRIVERS\87520850.sys [2008-07-08 148496]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-03-31 140216]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-11-22 2829824]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2011-01-20 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2011-01-20 25512]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 TrueSight;TrueSight; \??\c:\windows\system32\drivers\TrueSight.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-11-22 430080]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-31 810120]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-06-16 153352]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-11-22 520192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-04 250056]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-31 33560]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Monika at 2012-08-06 09:29:29
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 538 MB (3%) free of 20 GB
Total RAM: 1023 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:29:34, on 6.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Monika\Plocha\RSIT.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\trend micro\Monika.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" //mailurl:mailto:reklama@europrinty.eu
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7216548875
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0366517953
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 6805 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-725345543-1993962763-2147133589-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-725345543-1993962763-2147133589-1004.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, illimitux@illimitux.net:4.0, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, jqs@sun.com:1.0, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.25, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.3&q="
"{4C0766D3-67A7-45a3-85A2-752F77312F32}"=C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
msservice.js
nsIBitCometAgent.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\
illimitux@illimitux.net
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{800b5000-a755-47e1-992b-48a1c1357f07}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
{b57a9eb1-0e57-4850-a701-4d169538e6ed}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-16 329480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-16 59144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-06-16 79624]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\WINDOWS\system32\qttask.exe [2010-02-27 98304]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-31 2145000]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-09-25 90112]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"Anti-phishing Domain Advisor"=C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-05-03 217256]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-09-25 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-28 344064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService]
C:\WINDOWS\system32\nvraidservice.exe [2004-06-11 83968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\WINDOWS\system32\qttask.exe [2010-02-27 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Hlavní panel ATI CATALYST.lnk]
C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe [2006-09-25 45056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-11-22 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\WINDOWS\system32\winver.exe"="C:\WINDOWS\system32\winver.exe:*:Enabled:winver"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Red Alert 2 Yuri's Revenge\gamemd.exe"="C:\Program Files\Red Alert 2 Yuri's Revenge\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.iac2"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\iac25_32.ax
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.avrn"=C:\PROGRA~1\MEGACO~1\SystemS\AVIDAV~1.DLL
"vidc.advj"=C:\PROGRA~1\MEGACO~1\SystemS\AVIDAV~1.DLL
"vidc.mszh"=C:\PROGRA~1\MEGACO~1\SystemS\avimszh.dll
"vidc.zlib"=C:\PROGRA~1\MEGACO~1\SystemS\avizlib.dll
"vidc.cscd"=C:\PROGRA~1\MEGACO~1\SystemS\camcodec.dll
"vidc.cvid"=C:\PROGRA~1\MEGACO~1\SystemS\iccvid.dll
"msacm.trspch"=C:\PROGRA~1\MEGACO~1\SystemS\tssoft32.acm
"vidc.em2v"=C:\PROGRA~1\MEGACO~1\SystemS\etxcodec.dll
"vidc.mkvc"=C:\PROGRA~1\MEGACO~1\SystemS\kmvidc32.dll
"vidc.hfyu"=C:\PROGRA~1\MEGACO~1\SystemS\huffyuv.dll
"msacm.lameacm"=C:\PROGRA~1\MEGACO~1\SystemS\lameacm.acm
"msacm.lhacm"=C:\PROGRA~1\MEGACO~1\SystemS\lhacm.acm
"msacm.l3acm"=C:\PROGRA~1\MEGACO~1\SystemS\l3codecp.acm
"vidc.sjpg"=C:\PROGRA~1\MEGACO~1\SystemS\pmjpeg32.dll
"vidc.dmb2"=C:\PROGRA~1\MEGACO~1\SystemS\pmjpeg32.dll
"vidc.gepj"=C:\PROGRA~1\MEGACO~1\SystemS\pmjpeg32.dll
"vidc.qpeg"=C:\PROGRA~1\MEGACO~1\SystemS\Qpeg32.dll
"vidc.q1.0"=C:\PROGRA~1\MEGACO~1\SystemS\Qpeg32.dll
"msacm.sl_anet"=C:\PROGRA~1\MEGACO~1\SystemS\sl_anet.acm
"vidc.tscc"=C:\PROGRA~1\MEGACO~1\SystemS\tsccvid.dll
"vidc.vifp"=C:\PROGRA~1\MEGACO~1\SystemS\vfcodec.dll
"vidc.wrpr"=C:\PROGRA~1\MEGACO~1\SystemS\aviwrap.dll
"vidc.wnv1"=C:\PROGRA~1\MEGACO~1\SystemS\wnvplay1.dll
"vidc.advs"=C:\PROGRA~1\MEGACO~1\SystemS\Adaptec\Dvc.dll
"vidc.aflc"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.afli"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.aasc"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\Aasc32.dll
"vidc.aas4"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\Aasc32.dll
"vidc.asv1"=C:\PROGRA~1\MEGACO~1\SystemS\ASUS\asusasv1.dll
"vidc.asv2"=C:\PROGRA~1\MEGACO~1\SystemS\ASUS\asusasv2.dll
"vidc.asvx"=C:\PROGRA~1\MEGACO~1\SystemS\ASUS\asusasv2.dll
"vidc.vcr1"=C:\PROGRA~1\MEGACO~1\SystemS\ATI\ativcr1.dll
"vidc.vcr2"=C:\PROGRA~1\MEGACO~1\SystemS\ATI\ativcr2.dll
"vidc.mwv1"=C:\PROGRA~1\MEGACO~1\SystemS\Aware\icmw_32.dll
"vidc.bt20"=C:\PROGRA~1\MEGACO~1\SystemS\BROOKT~1\btvvc32.drv
"vidc.y41p"=C:\PROGRA~1\MEGACO~1\SystemS\BROOKT~1\btvvc32.drv
"msacm.pcdv"=C:\PROGRA~1\MEGACO~1\SystemS\Canopus\pcdv.acm
"vidc.cdvc"=C:\PROGRA~1\MEGACO~1\SystemS\Canopus\CSCCDVC.DLL
"vidc.ddvc"=C:\PROGRA~1\MEGACO~1\SystemS\Canopus\CSCdvsd.DLL
"vidc.png1"=C:\PROGRA~1\MEGACO~1\SystemS\Core\COREPN~1.DLL
"msacm.CoreFLAC_ACM"=C:\PROGRA~1\MEGACO~1\SystemS\Core\COREFL~1.ACM
"vidc.davc"=C:\PROGRA~1\MEGACO~1\SystemS\dicas\davcvfw.dll
"vidc.div3"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32.dll
"vidc.div5"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32.dll
"vidc.mpg3"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32.dll
"vidc.div4"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32f.dll
"vidc.div6"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32f.dll
"vidc.ap41"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32f.dll
"vidc.dvx4"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\divx4.dll
"msacm.divxa32"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\divxa32.acm
"vidc.frwd"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwd.dll
"vidc.frwt"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwd.dll
"vidc.frwa"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwt.dll
"vidc.frwu"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwu.dll
"vidc.glzw"=C:\PROGRA~1\MEGACO~1\SystemS\Gabest\GLZW.dll
"vidc.gpeg"=C:\PROGRA~1\MEGACO~1\SystemS\Gabest\GPEG.dll
"vidc.i263"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\i263_32.drv
"vidc.iv30"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv31"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv32"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv33"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv34"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv35"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv36"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv37"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv38"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv39"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv40"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv41"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv42"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv43"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv44"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv45"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv46"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv47"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv48"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv49"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv50"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir50_32.dll
"vidc.iyuv"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\Iyvu9_32.dll
"vidc.ir21"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\IR21_R.DLL
"vidc.rt21"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\IR21_R.DLL
"msacm.imc"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\IMC32.ACM
"vidc.lead"=C:\PROGRA~1\MEGACO~1\SystemS\LEAD\LCODCCMP.DLL
"vidc.dvsd"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvc"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvcs"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dcmj"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi1"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi2"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.dv25"=C:\PROGRA~1\MEGACO~1\SystemS\Matrox\DigiVCap.dll
"vidc.dv50"=C:\PROGRA~1\MEGACO~1\SystemS\Matrox\DigiVCap.dll
"vidc.msmc"=C:\PROGRA~1\MEGACO~1\SystemS\Matrox\DigiVCap.dll
======List of files/folders created in the last 1 month======
2012-08-06 09:29:29 ----D---- C:\rsit
2012-08-06 09:03:14 ----D---- C:\Program Files\ICQ7M
2012-08-04 20:21:56 ----SHD---- C:\RECYCLER
2012-08-04 13:28:04 ----D---- C:\Documents and Settings\Monika\Data aplikací\WinRAR
2012-07-26 18:46:55 ----D---- C:\WINDOWS\temp
2012-07-26 07:26:02 ----D---- C:\Program Files\trend micro
2012-07-17 09:36:53 ----D---- C:\Program Files\Red Alert 2 Yuri's Revenge
2012-07-11 16:41:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-07-11 16:38:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-07-11 16:37:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-07-11 16:37:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-07-11 16:37:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-07-08 16:51:55 ----RAD---- C:\Autorun.inf
======List of files/folders modified in the last 1 month======
2012-08-06 09:29:26 ----D---- C:\WINDOWS\Prefetch
2012-08-06 09:14:25 ----D---- C:\Documents and Settings\Monika\Data aplikací\ICQ
2012-08-06 09:13:47 ----D---- C:\WINDOWS
2012-08-06 09:11:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-06 09:04:27 ----HD---- C:\Program Files\InstallShield Installation Information
2012-08-06 09:03:14 ----D---- C:\Program Files
2012-08-06 09:00:30 ----SHD---- C:\System Volume Information
2012-08-06 09:00:30 ----D---- C:\WINDOWS\system32\Restore
2012-08-06 09:00:26 ----D---- C:\WINDOWS\system32\drivers
2012-08-04 14:37:13 ----A---- C:\WINDOWS\system.ini
2012-08-04 14:34:34 ----D---- C:\WINDOWS\system32
2012-08-04 14:34:34 ----D---- C:\WINDOWS\AppPatch
2012-08-04 14:34:31 ----D---- C:\Program Files\Common Files
2012-08-04 14:30:13 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-04 03:44:28 ----D---- C:\Program Files\Czech Soccer Manager 2002 FE
2012-08-04 03:10:16 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-29 16:09:33 ----D---- C:\WINDOWS\system32\drivers\etc
2012-07-25 15:25:43 ----D---- C:\WINDOWS\system32\config
2012-07-21 02:08:31 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-07-18 08:51:06 ----D---- C:\Program Files\Mozilla Firefox
2012-07-17 09:36:25 ----D---- C:\Downloads
2012-07-17 09:26:50 ----D---- C:\Program Files\BitComet
2012-07-16 11:26:56 ----D---- C:\Documents and Settings\Monika\Data aplikací\Skype
2012-07-16 11:13:27 ----SHD---- C:\WINDOWS\Installer
2012-07-12 15:49:32 ----D---- C:\WINDOWS\Debug
2012-07-11 16:41:10 ----HD---- C:\WINDOWS\inf
2012-07-11 16:41:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-11 16:41:03 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-11 16:38:18 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2004-04-02 21760]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 nvraid;NVIDIA NForce(tm) ATA RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2004-06-03 68224]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-03-31 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-03-31 95872]
R1 is-D72FGdrv;is-D72FGdrv; C:\WINDOWS\system32\DRIVERS\24392970.sys [2008-07-08 148496]
R1 is-SGD7Ddrv;is-SGD7Ddrv; C:\WINDOWS\system32\DRIVERS\87520850.sys [2008-07-08 148496]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-03-31 140216]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-11-22 2829824]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2011-01-20 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2011-01-20 25512]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 TrueSight;TrueSight; \??\c:\windows\system32\drivers\TrueSight.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-11-22 430080]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-31 810120]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-06-16 153352]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-11-22 520192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-04 250056]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-31 33560]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
- Návštěvník
- Příspěvky: 44
- Registrován: 16 čer 2012 12:17
- Bydliště: Břeclav
- Kontaktovat uživatele:
Re: VIRUS RECYCLER NA PAMETOVCE
Logfile of random's system information tool 1.09 (written by random/random)
Run by Monika at 2012-08-06 09:29:29
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 538 MB (3%) free of 20 GB
Total RAM: 1023 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:29:34, on 6.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Monika\Plocha\RSIT.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\trend micro\Monika.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" //mailurl:mailto:reklama@europrinty.eu
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7216548875
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0366517953
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 6805 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-725345543-1993962763-2147133589-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-725345543-1993962763-2147133589-1004.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, illimitux@illimitux.net:4.0, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, jqs@sun.com:1.0, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.25, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.3&q="
"{4C0766D3-67A7-45a3-85A2-752F77312F32}"=C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
msservice.js
nsIBitCometAgent.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\
illimitux@illimitux.net
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{800b5000-a755-47e1-992b-48a1c1357f07}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
{b57a9eb1-0e57-4850-a701-4d169538e6ed}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-16 329480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-16 59144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-06-16 79624]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\WINDOWS\system32\qttask.exe [2010-02-27 98304]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-31 2145000]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-09-25 90112]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"Anti-phishing Domain Advisor"=C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-05-03 217256]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-09-25 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-28 344064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService]
C:\WINDOWS\system32\nvraidservice.exe [2004-06-11 83968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\WINDOWS\system32\qttask.exe [2010-02-27 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Hlavní panel ATI CATALYST.lnk]
C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe [2006-09-25 45056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-11-22 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\WINDOWS\system32\winver.exe"="C:\WINDOWS\system32\winver.exe:*:Enabled:winver"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Red Alert 2 Yuri's Revenge\gamemd.exe"="C:\Program Files\Red Alert 2 Yuri's Revenge\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.iac2"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\iac25_32.ax
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.avrn"=C:\PROGRA~1\MEGACO~1\SystemS\AVIDAV~1.DLL
"vidc.advj"=C:\PROGRA~1\MEGACO~1\SystemS\AVIDAV~1.DLL
"vidc.mszh"=C:\PROGRA~1\MEGACO~1\SystemS\avimszh.dll
"vidc.zlib"=C:\PROGRA~1\MEGACO~1\SystemS\avizlib.dll
"vidc.cscd"=C:\PROGRA~1\MEGACO~1\SystemS\camcodec.dll
"vidc.cvid"=C:\PROGRA~1\MEGACO~1\SystemS\iccvid.dll
"msacm.trspch"=C:\PROGRA~1\MEGACO~1\SystemS\tssoft32.acm
"vidc.em2v"=C:\PROGRA~1\MEGACO~1\SystemS\etxcodec.dll
"vidc.mkvc"=C:\PROGRA~1\MEGACO~1\SystemS\kmvidc32.dll
"vidc.hfyu"=C:\PROGRA~1\MEGACO~1\SystemS\huffyuv.dll
"msacm.lameacm"=C:\PROGRA~1\MEGACO~1\SystemS\lameacm.acm
"msacm.lhacm"=C:\PROGRA~1\MEGACO~1\SystemS\lhacm.acm
"msacm.l3acm"=C:\PROGRA~1\MEGACO~1\SystemS\l3codecp.acm
"vidc.sjpg"=C:\PROGRA~1\MEGACO~1\SystemS\pmjpeg32.dll
"vidc.dmb2"=C:\PROGRA~1\MEGACO~1\SystemS\pmjpeg32.dll
"vidc.gepj"=C:\PROGRA~1\MEGACO~1\SystemS\pmjpeg32.dll
"vidc.qpeg"=C:\PROGRA~1\MEGACO~1\SystemS\Qpeg32.dll
"vidc.q1.0"=C:\PROGRA~1\MEGACO~1\SystemS\Qpeg32.dll
"msacm.sl_anet"=C:\PROGRA~1\MEGACO~1\SystemS\sl_anet.acm
"vidc.tscc"=C:\PROGRA~1\MEGACO~1\SystemS\tsccvid.dll
"vidc.vifp"=C:\PROGRA~1\MEGACO~1\SystemS\vfcodec.dll
"vidc.wrpr"=C:\PROGRA~1\MEGACO~1\SystemS\aviwrap.dll
"vidc.wnv1"=C:\PROGRA~1\MEGACO~1\SystemS\wnvplay1.dll
"vidc.advs"=C:\PROGRA~1\MEGACO~1\SystemS\Adaptec\Dvc.dll
"vidc.aflc"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.afli"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.aasc"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\Aasc32.dll
"vidc.aas4"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\Aasc32.dll
"vidc.asv1"=C:\PROGRA~1\MEGACO~1\SystemS\ASUS\asusasv1.dll
"vidc.asv2"=C:\PROGRA~1\MEGACO~1\SystemS\ASUS\asusasv2.dll
"vidc.asvx"=C:\PROGRA~1\MEGACO~1\SystemS\ASUS\asusasv2.dll
"vidc.vcr1"=C:\PROGRA~1\MEGACO~1\SystemS\ATI\ativcr1.dll
"vidc.vcr2"=C:\PROGRA~1\MEGACO~1\SystemS\ATI\ativcr2.dll
"vidc.mwv1"=C:\PROGRA~1\MEGACO~1\SystemS\Aware\icmw_32.dll
"vidc.bt20"=C:\PROGRA~1\MEGACO~1\SystemS\BROOKT~1\btvvc32.drv
"vidc.y41p"=C:\PROGRA~1\MEGACO~1\SystemS\BROOKT~1\btvvc32.drv
"msacm.pcdv"=C:\PROGRA~1\MEGACO~1\SystemS\Canopus\pcdv.acm
"vidc.cdvc"=C:\PROGRA~1\MEGACO~1\SystemS\Canopus\CSCCDVC.DLL
"vidc.ddvc"=C:\PROGRA~1\MEGACO~1\SystemS\Canopus\CSCdvsd.DLL
"vidc.png1"=C:\PROGRA~1\MEGACO~1\SystemS\Core\COREPN~1.DLL
"msacm.CoreFLAC_ACM"=C:\PROGRA~1\MEGACO~1\SystemS\Core\COREFL~1.ACM
"vidc.davc"=C:\PROGRA~1\MEGACO~1\SystemS\dicas\davcvfw.dll
"vidc.div3"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32.dll
"vidc.div5"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32.dll
"vidc.mpg3"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32.dll
"vidc.div4"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32f.dll
"vidc.div6"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32f.dll
"vidc.ap41"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32f.dll
"vidc.dvx4"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\divx4.dll
"msacm.divxa32"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\divxa32.acm
"vidc.frwd"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwd.dll
"vidc.frwt"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwd.dll
"vidc.frwa"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwt.dll
"vidc.frwu"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwu.dll
"vidc.glzw"=C:\PROGRA~1\MEGACO~1\SystemS\Gabest\GLZW.dll
"vidc.gpeg"=C:\PROGRA~1\MEGACO~1\SystemS\Gabest\GPEG.dll
"vidc.i263"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\i263_32.drv
"vidc.iv30"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv31"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv32"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv33"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv34"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv35"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv36"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv37"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv38"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv39"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv40"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv41"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv42"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv43"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv44"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv45"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv46"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv47"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv48"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv49"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv50"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir50_32.dll
"vidc.iyuv"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\Iyvu9_32.dll
"vidc.ir21"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\IR21_R.DLL
"vidc.rt21"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\IR21_R.DLL
"msacm.imc"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\IMC32.ACM
"vidc.lead"=C:\PROGRA~1\MEGACO~1\SystemS\LEAD\LCODCCMP.DLL
"vidc.dvsd"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvc"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvcs"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dcmj"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi1"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi2"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.dv25"=C:\PROGRA~1\MEGACO~1\SystemS\Matrox\DigiVCap.dll
"vidc.dv50"=C:\PROGRA~1\MEGACO~1\SystemS\Matrox\DigiVCap.dll
"vidc.msmc"=C:\PROGRA~1\MEGACO~1\SystemS\Matrox\DigiVCap.dll
======List of files/folders created in the last 1 month======
2012-08-06 09:29:29 ----D---- C:\rsit
2012-08-06 09:03:14 ----D---- C:\Program Files\ICQ7M
2012-08-04 20:21:56 ----SHD---- C:\RECYCLER
2012-08-04 13:28:04 ----D---- C:\Documents and Settings\Monika\Data aplikací\WinRAR
2012-07-26 18:46:55 ----D---- C:\WINDOWS\temp
2012-07-26 07:26:02 ----D---- C:\Program Files\trend micro
2012-07-17 09:36:53 ----D---- C:\Program Files\Red Alert 2 Yuri's Revenge
2012-07-11 16:41:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-07-11 16:38:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-07-11 16:37:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-07-11 16:37:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-07-11 16:37:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-07-08 16:51:55 ----RAD---- C:\Autorun.inf
======List of files/folders modified in the last 1 month======
2012-08-06 09:29:26 ----D---- C:\WINDOWS\Prefetch
2012-08-06 09:14:25 ----D---- C:\Documents and Settings\Monika\Data aplikací\ICQ
2012-08-06 09:13:47 ----D---- C:\WINDOWS
2012-08-06 09:11:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-06 09:04:27 ----HD---- C:\Program Files\InstallShield Installation Information
2012-08-06 09:03:14 ----D---- C:\Program Files
2012-08-06 09:00:30 ----SHD---- C:\System Volume Information
2012-08-06 09:00:30 ----D---- C:\WINDOWS\system32\Restore
2012-08-06 09:00:26 ----D---- C:\WINDOWS\system32\drivers
2012-08-04 14:37:13 ----A---- C:\WINDOWS\system.ini
2012-08-04 14:34:34 ----D---- C:\WINDOWS\system32
2012-08-04 14:34:34 ----D---- C:\WINDOWS\AppPatch
2012-08-04 14:34:31 ----D---- C:\Program Files\Common Files
2012-08-04 14:30:13 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-04 03:44:28 ----D---- C:\Program Files\Czech Soccer Manager 2002 FE
2012-08-04 03:10:16 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-29 16:09:33 ----D---- C:\WINDOWS\system32\drivers\etc
2012-07-25 15:25:43 ----D---- C:\WINDOWS\system32\config
2012-07-21 02:08:31 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-07-18 08:51:06 ----D---- C:\Program Files\Mozilla Firefox
2012-07-17 09:36:25 ----D---- C:\Downloads
2012-07-17 09:26:50 ----D---- C:\Program Files\BitComet
2012-07-16 11:26:56 ----D---- C:\Documents and Settings\Monika\Data aplikací\Skype
2012-07-16 11:13:27 ----SHD---- C:\WINDOWS\Installer
2012-07-12 15:49:32 ----D---- C:\WINDOWS\Debug
2012-07-11 16:41:10 ----HD---- C:\WINDOWS\inf
2012-07-11 16:41:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-11 16:41:03 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-11 16:38:18 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2004-04-02 21760]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 nvraid;NVIDIA NForce(tm) ATA RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2004-06-03 68224]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-03-31 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-03-31 95872]
R1 is-D72FGdrv;is-D72FGdrv; C:\WINDOWS\system32\DRIVERS\24392970.sys [2008-07-08 148496]
R1 is-SGD7Ddrv;is-SGD7Ddrv; C:\WINDOWS\system32\DRIVERS\87520850.sys [2008-07-08 148496]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-03-31 140216]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-11-22 2829824]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2011-01-20 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2011-01-20 25512]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 TrueSight;TrueSight; \??\c:\windows\system32\drivers\TrueSight.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-11-22 430080]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-31 810120]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-06-16 153352]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-11-22 520192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-04 250056]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-31 33560]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Monika at 2012-08-06 09:29:29
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 538 MB (3%) free of 20 GB
Total RAM: 1023 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:29:34, on 6.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Monika\Plocha\RSIT.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\trend micro\Monika.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" //mailurl:mailto:reklama@europrinty.eu
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7216548875
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0366517953
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 6805 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-725345543-1993962763-2147133589-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-725345543-1993962763-2147133589-1004.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, illimitux@illimitux.net:4.0, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, jqs@sun.com:1.0, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.25, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.5.3&q="
"{4C0766D3-67A7-45a3-85A2-752F77312F32}"=C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
msservice.js
nsIBitCometAgent.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Monika\Data aplikací\Mozilla\Firefox\Profiles\8vlckoor.default\extensions\
illimitux@illimitux.net
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{800b5000-a755-47e1-992b-48a1c1357f07}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
{b57a9eb1-0e57-4850-a701-4d169538e6ed}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-16 329480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-16 59144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-06-16 79624]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\WINDOWS\system32\qttask.exe [2010-02-27 98304]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-31 2145000]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-09-25 90112]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"Anti-phishing Domain Advisor"=C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-05-03 217256]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-09-25 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-28 344064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService]
C:\WINDOWS\system32\nvraidservice.exe [2004-06-11 83968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\WINDOWS\system32\qttask.exe [2010-02-27 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Hlavní panel ATI CATALYST.lnk]
C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe [2006-09-25 45056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-11-22 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\WINDOWS\system32\winver.exe"="C:\WINDOWS\system32\winver.exe:*:Enabled:winver"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Red Alert 2 Yuri's Revenge\gamemd.exe"="C:\Program Files\Red Alert 2 Yuri's Revenge\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.iac2"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\iac25_32.ax
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.avrn"=C:\PROGRA~1\MEGACO~1\SystemS\AVIDAV~1.DLL
"vidc.advj"=C:\PROGRA~1\MEGACO~1\SystemS\AVIDAV~1.DLL
"vidc.mszh"=C:\PROGRA~1\MEGACO~1\SystemS\avimszh.dll
"vidc.zlib"=C:\PROGRA~1\MEGACO~1\SystemS\avizlib.dll
"vidc.cscd"=C:\PROGRA~1\MEGACO~1\SystemS\camcodec.dll
"vidc.cvid"=C:\PROGRA~1\MEGACO~1\SystemS\iccvid.dll
"msacm.trspch"=C:\PROGRA~1\MEGACO~1\SystemS\tssoft32.acm
"vidc.em2v"=C:\PROGRA~1\MEGACO~1\SystemS\etxcodec.dll
"vidc.mkvc"=C:\PROGRA~1\MEGACO~1\SystemS\kmvidc32.dll
"vidc.hfyu"=C:\PROGRA~1\MEGACO~1\SystemS\huffyuv.dll
"msacm.lameacm"=C:\PROGRA~1\MEGACO~1\SystemS\lameacm.acm
"msacm.lhacm"=C:\PROGRA~1\MEGACO~1\SystemS\lhacm.acm
"msacm.l3acm"=C:\PROGRA~1\MEGACO~1\SystemS\l3codecp.acm
"vidc.sjpg"=C:\PROGRA~1\MEGACO~1\SystemS\pmjpeg32.dll
"vidc.dmb2"=C:\PROGRA~1\MEGACO~1\SystemS\pmjpeg32.dll
"vidc.gepj"=C:\PROGRA~1\MEGACO~1\SystemS\pmjpeg32.dll
"vidc.qpeg"=C:\PROGRA~1\MEGACO~1\SystemS\Qpeg32.dll
"vidc.q1.0"=C:\PROGRA~1\MEGACO~1\SystemS\Qpeg32.dll
"msacm.sl_anet"=C:\PROGRA~1\MEGACO~1\SystemS\sl_anet.acm
"vidc.tscc"=C:\PROGRA~1\MEGACO~1\SystemS\tsccvid.dll
"vidc.vifp"=C:\PROGRA~1\MEGACO~1\SystemS\vfcodec.dll
"vidc.wrpr"=C:\PROGRA~1\MEGACO~1\SystemS\aviwrap.dll
"vidc.wnv1"=C:\PROGRA~1\MEGACO~1\SystemS\wnvplay1.dll
"vidc.advs"=C:\PROGRA~1\MEGACO~1\SystemS\Adaptec\Dvc.dll
"vidc.aflc"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.afli"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.aasc"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\Aasc32.dll
"vidc.aas4"=C:\PROGRA~1\MEGACO~1\SystemS\Autodesk\Aasc32.dll
"vidc.asv1"=C:\PROGRA~1\MEGACO~1\SystemS\ASUS\asusasv1.dll
"vidc.asv2"=C:\PROGRA~1\MEGACO~1\SystemS\ASUS\asusasv2.dll
"vidc.asvx"=C:\PROGRA~1\MEGACO~1\SystemS\ASUS\asusasv2.dll
"vidc.vcr1"=C:\PROGRA~1\MEGACO~1\SystemS\ATI\ativcr1.dll
"vidc.vcr2"=C:\PROGRA~1\MEGACO~1\SystemS\ATI\ativcr2.dll
"vidc.mwv1"=C:\PROGRA~1\MEGACO~1\SystemS\Aware\icmw_32.dll
"vidc.bt20"=C:\PROGRA~1\MEGACO~1\SystemS\BROOKT~1\btvvc32.drv
"vidc.y41p"=C:\PROGRA~1\MEGACO~1\SystemS\BROOKT~1\btvvc32.drv
"msacm.pcdv"=C:\PROGRA~1\MEGACO~1\SystemS\Canopus\pcdv.acm
"vidc.cdvc"=C:\PROGRA~1\MEGACO~1\SystemS\Canopus\CSCCDVC.DLL
"vidc.ddvc"=C:\PROGRA~1\MEGACO~1\SystemS\Canopus\CSCdvsd.DLL
"vidc.png1"=C:\PROGRA~1\MEGACO~1\SystemS\Core\COREPN~1.DLL
"msacm.CoreFLAC_ACM"=C:\PROGRA~1\MEGACO~1\SystemS\Core\COREFL~1.ACM
"vidc.davc"=C:\PROGRA~1\MEGACO~1\SystemS\dicas\davcvfw.dll
"vidc.div3"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32.dll
"vidc.div5"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32.dll
"vidc.mpg3"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32.dll
"vidc.div4"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32f.dll
"vidc.div6"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32f.dll
"vidc.ap41"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\DivXc32f.dll
"vidc.dvx4"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\divx4.dll
"msacm.divxa32"=C:\PROGRA~1\MEGACO~1\SystemS\DivX\divxa32.acm
"vidc.frwd"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwd.dll
"vidc.frwt"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwd.dll
"vidc.frwa"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwt.dll
"vidc.frwu"=C:\PROGRA~1\MEGACO~1\SystemS\Forward\frwu.dll
"vidc.glzw"=C:\PROGRA~1\MEGACO~1\SystemS\Gabest\GLZW.dll
"vidc.gpeg"=C:\PROGRA~1\MEGACO~1\SystemS\Gabest\GPEG.dll
"vidc.i263"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\i263_32.drv
"vidc.iv30"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv31"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv32"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv33"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv34"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv35"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv36"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv37"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv38"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv39"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir32_32.dll
"vidc.iv40"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv41"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv42"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv43"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv44"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv45"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv46"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv47"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv48"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv49"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir41_32.dll
"vidc.iv50"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\ir50_32.dll
"vidc.iyuv"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\Iyvu9_32.dll
"vidc.ir21"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\IR21_R.DLL
"vidc.rt21"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\IR21_R.DLL
"msacm.imc"=C:\PROGRA~1\MEGACO~1\SystemS\Intel\IMC32.ACM
"vidc.lead"=C:\PROGRA~1\MEGACO~1\SystemS\LEAD\LCODCCMP.DLL
"vidc.dvsd"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvc"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvcs"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dcmj"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi1"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi2"=C:\PROGRA~1\MEGACO~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.dv25"=C:\PROGRA~1\MEGACO~1\SystemS\Matrox\DigiVCap.dll
"vidc.dv50"=C:\PROGRA~1\MEGACO~1\SystemS\Matrox\DigiVCap.dll
"vidc.msmc"=C:\PROGRA~1\MEGACO~1\SystemS\Matrox\DigiVCap.dll
======List of files/folders created in the last 1 month======
2012-08-06 09:29:29 ----D---- C:\rsit
2012-08-06 09:03:14 ----D---- C:\Program Files\ICQ7M
2012-08-04 20:21:56 ----SHD---- C:\RECYCLER
2012-08-04 13:28:04 ----D---- C:\Documents and Settings\Monika\Data aplikací\WinRAR
2012-07-26 18:46:55 ----D---- C:\WINDOWS\temp
2012-07-26 07:26:02 ----D---- C:\Program Files\trend micro
2012-07-17 09:36:53 ----D---- C:\Program Files\Red Alert 2 Yuri's Revenge
2012-07-11 16:41:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-07-11 16:38:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-07-11 16:37:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-07-11 16:37:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-07-11 16:37:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-07-08 16:51:55 ----RAD---- C:\Autorun.inf
======List of files/folders modified in the last 1 month======
2012-08-06 09:29:26 ----D---- C:\WINDOWS\Prefetch
2012-08-06 09:14:25 ----D---- C:\Documents and Settings\Monika\Data aplikací\ICQ
2012-08-06 09:13:47 ----D---- C:\WINDOWS
2012-08-06 09:11:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-06 09:04:27 ----HD---- C:\Program Files\InstallShield Installation Information
2012-08-06 09:03:14 ----D---- C:\Program Files
2012-08-06 09:00:30 ----SHD---- C:\System Volume Information
2012-08-06 09:00:30 ----D---- C:\WINDOWS\system32\Restore
2012-08-06 09:00:26 ----D---- C:\WINDOWS\system32\drivers
2012-08-04 14:37:13 ----A---- C:\WINDOWS\system.ini
2012-08-04 14:34:34 ----D---- C:\WINDOWS\system32
2012-08-04 14:34:34 ----D---- C:\WINDOWS\AppPatch
2012-08-04 14:34:31 ----D---- C:\Program Files\Common Files
2012-08-04 14:30:13 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-04 03:44:28 ----D---- C:\Program Files\Czech Soccer Manager 2002 FE
2012-08-04 03:10:16 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-29 16:09:33 ----D---- C:\WINDOWS\system32\drivers\etc
2012-07-25 15:25:43 ----D---- C:\WINDOWS\system32\config
2012-07-21 02:08:31 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-07-18 08:51:06 ----D---- C:\Program Files\Mozilla Firefox
2012-07-17 09:36:25 ----D---- C:\Downloads
2012-07-17 09:26:50 ----D---- C:\Program Files\BitComet
2012-07-16 11:26:56 ----D---- C:\Documents and Settings\Monika\Data aplikací\Skype
2012-07-16 11:13:27 ----SHD---- C:\WINDOWS\Installer
2012-07-12 15:49:32 ----D---- C:\WINDOWS\Debug
2012-07-11 16:41:10 ----HD---- C:\WINDOWS\inf
2012-07-11 16:41:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-11 16:41:03 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-11 16:38:18 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2004-04-02 21760]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 nvraid;NVIDIA NForce(tm) ATA RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2004-06-03 68224]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-03-31 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-03-31 95872]
R1 is-D72FGdrv;is-D72FGdrv; C:\WINDOWS\system32\DRIVERS\24392970.sys [2008-07-08 148496]
R1 is-SGD7Ddrv;is-SGD7Ddrv; C:\WINDOWS\system32\DRIVERS\87520850.sys [2008-07-08 148496]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-03-31 140216]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-11-22 2829824]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2011-01-20 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2011-01-20 25512]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 TrueSight;TrueSight; \??\c:\windows\system32\drivers\TrueSight.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-11-22 430080]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-31 810120]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-06-16 153352]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-11-22 520192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-04 250056]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-31 33560]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
- Návštěvník
- Příspěvky: 44
- Registrován: 16 čer 2012 12:17
- Bydliště: Břeclav
- Kontaktovat uživatele:
Re: VIRUS RECYCLER NA PAMETOVCE
info.txt logfile of random's system information tool 1.09 2012-08-06 09:29:38
======Uninstall list======
-->C:\Program Files\Sony Ericsson\Update Engine\uninst.exe
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACE Mega CoDecS Pack-->"C:\Program Files\Mega CoDecS Pack\unins000.exe"
Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_270_Plugin.exe -maintain plugin
Adobe Reader 9.5.1 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A95000000001}
Adobe Shockwave Player 11.6-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
Aktualizace systému Windows Internet Explorer 8 (KB2598845)-->"C:\WINDOWS\ie8updates\KB2598845-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB2632503)-->"C:\WINDOWS\ie8updates\KB2632503-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2492386)-->"C:\WINDOWS\$NtUninstallKB2492386$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení pro Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2416400)-->"C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2647516)-->"C:\WINDOWS\ie8updates\KB2647516-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2675157)-->"C:\WINDOWS\ie8updates\KB2675157-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988)-->"C:\WINDOWS\ie8updates\KB2699988-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2718523)-->"C:\WINDOWS\$NtUninstallKB2718523$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"
AMD APP SDK Runtime-->MsiExec.exe /I{A25FF1C0-80B6-4B8B-A551-DC525697A408}
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x5
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->MsiExec.exe /I{7B76034B-B3ED-46D5-8C66-DEB102CB830A}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{083F79E4-6FE9-46FB-A6C6-4F8862742947}\setup.exe"
Balíček zprostředkovatele služby Microsoft Base Smart Card Cryptographic Service-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
BitComet 1.29-->C:\Program Files\BitComet\uninst.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Czech Soccer Manager 2002 FE-->C:\Program Files\Czech Soccer Manager 2002 FE\uninstall.exe
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
ICQ7M-->"C:\Program Files\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 33-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216033FF}
Malwarebytes' Anti-Malware verze 1.51.2.1300-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Micro DVD Player-->C:\Program Files\Micro DVD Player\uninstall.exe
Microsoft .NET Framework 1.1 Czech Language Pack-->MsiExec.exe /X{5E65E94D-69F2-4850-9E93-6459C53A0F50}
Microsoft .NET Framework 1.1 Security Update (KB2656353)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB2656370)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft GIF Animator-->C:\Program Files\Microsoft GIF Animator\setup\GifACME.exe
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Office XP Professional s aplikací FrontPage-->MsiExec.exe /I{90280405-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 14.0.1 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Neat Image v7.1.0 Demo Standalone-->"C:\Program Files\Neat Image Standalone\unins000.exe"
Nero 9 Lite-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM2C-50A9-HH4M-0ZM8-4X06-9P25-5A46-618P-AH19-6647"
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NHL 2004 Demo-->C:\Program Files\EA SPORTS\NHL 2004 Demo\EAUninstall.exe
NHL® 08-->MsiExec.exe /X{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}
NVIDIA Drivers-->C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{564D0000-547B-4ED8-8070-85286CC8C9BF}
Oprava Hotfix systému Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Ovládací panel ATI-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
QuickTime-->MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
rajče verze 57 sestavení 190-->"C:\Program Files\rajce\unins000.exe"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x5 -removeonly
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Skype™ 5.3-->MsiExec.exe /X{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}
Sony Ericsson Update Engine-->C:\Program Files\Sony Ericsson\Update Engine\uninst.exe
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
TNod User & Password Finder-->"C:\Program Files\TNod User & Password Finder\uninst-TNod.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Total Video Converter 3.12 080330-->"C:\Program Files\Total Video Converter\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Management Framework Core-->"C:\WINDOWS\$968930Uinstall_KB968930$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
Zoner GIF Animator 5-->MsiExec.exe /I{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}
======Hosts File======
::1 localhost
======Security center information======
AV: ESET NOD32 Antivirus 4.2 (disabled)
======System event log======
Computer Name: MONIKA-PC
Event Code: 7000
Message: Služba 1267214146 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Record Number: 90226
Source Name: Service Control Manager
Time Written: 20120614201430.000000+120
Event Type: Chyba
User:
Computer Name: MONIKA-PC
Event Code: 2
Message: Device identified.
Record Number: 90225
Source Name: nvatabus
Time Written: 20120614201416.000000+120
Event Type: Informace
User:
Computer Name: MONIKA-PC
Event Code: 2
Message: Device identified.
Record Number: 90224
Source Name: nvatabus
Time Written: 20120614201416.000000+120
Event Type: Informace
User:
Computer Name: MONIKA-PC
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 90223
Source Name: EventLog
Time Written: 20120614201413.000000+120
Event Type: Informace
User:
Computer Name: MONIKA-PC
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.
Record Number: 90222
Source Name: EventLog
Time Written: 20120614201413.000000+120
Event Type: Informace
User:
=====Application event log=====
Computer Name: MONIKA-PC
Event Code: 1002
Message: Prostředí bylo neočekávaně zastaveno a Explorer.exe byl restartován.
Record Number: 3834
Source Name: Winlogon
Time Written: 20110519104741.000000+120
Event Type: Informace
User:
Computer Name: MONIKA-PC
Event Code: 1000
Message: Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x058df860.
Record Number: 3833
Source Name: Application Error
Time Written: 20110519104331.000000+120
Event Type: Chyba
User:
Computer Name: MONIKA-PC
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.
Record Number: 3832
Source Name: SecurityCenter
Time Written: 20110519082905.000000+120
Event Type: Informace
User:
Computer Name: MONIKA-PC
Event Code: 105
Message: The service was started.
Record Number: 3831
Source Name: ATI Smart
Time Written: 20110519082848.000000+120
Event Type: Informace
User:
Computer Name: MONIKA-PC
Event Code: 1002
Message: Prostředí bylo neočekávaně zastaveno a Explorer.exe byl restartován.
Record Number: 3830
Source Name: Winlogon
Time Written: 20110518225541.000000+120
Event Type: Informace
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\AMD APP\bin\x86;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem;C:\Program Files\ATI Technologies\ATI.ACE;C:\WINDOWS\system32\WindowsPowerShell\v1.0
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"AMDAPPSDKROOT"=C:\Program Files\AMD APP\
"PSModulePath"=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
-----------------EOF-----------------
======Uninstall list======
-->C:\Program Files\Sony Ericsson\Update Engine\uninst.exe
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACE Mega CoDecS Pack-->"C:\Program Files\Mega CoDecS Pack\unins000.exe"
Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_270_Plugin.exe -maintain plugin
Adobe Reader 9.5.1 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A95000000001}
Adobe Shockwave Player 11.6-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
Aktualizace systému Windows Internet Explorer 8 (KB2598845)-->"C:\WINDOWS\ie8updates\KB2598845-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB2632503)-->"C:\WINDOWS\ie8updates\KB2632503-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2492386)-->"C:\WINDOWS\$NtUninstallKB2492386$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení pro Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2416400)-->"C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2647516)-->"C:\WINDOWS\ie8updates\KB2647516-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2675157)-->"C:\WINDOWS\ie8updates\KB2675157-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988)-->"C:\WINDOWS\ie8updates\KB2699988-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2718523)-->"C:\WINDOWS\$NtUninstallKB2718523$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"
AMD APP SDK Runtime-->MsiExec.exe /I{A25FF1C0-80B6-4B8B-A551-DC525697A408}
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x5
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->MsiExec.exe /I{7B76034B-B3ED-46D5-8C66-DEB102CB830A}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{083F79E4-6FE9-46FB-A6C6-4F8862742947}\setup.exe"
Balíček zprostředkovatele služby Microsoft Base Smart Card Cryptographic Service-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
BitComet 1.29-->C:\Program Files\BitComet\uninst.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Czech Soccer Manager 2002 FE-->C:\Program Files\Czech Soccer Manager 2002 FE\uninstall.exe
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
ICQ7M-->"C:\Program Files\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 33-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216033FF}
Malwarebytes' Anti-Malware verze 1.51.2.1300-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Micro DVD Player-->C:\Program Files\Micro DVD Player\uninstall.exe
Microsoft .NET Framework 1.1 Czech Language Pack-->MsiExec.exe /X{5E65E94D-69F2-4850-9E93-6459C53A0F50}
Microsoft .NET Framework 1.1 Security Update (KB2656353)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB2656370)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft GIF Animator-->C:\Program Files\Microsoft GIF Animator\setup\GifACME.exe
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Office XP Professional s aplikací FrontPage-->MsiExec.exe /I{90280405-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 14.0.1 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Neat Image v7.1.0 Demo Standalone-->"C:\Program Files\Neat Image Standalone\unins000.exe"
Nero 9 Lite-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM2C-50A9-HH4M-0ZM8-4X06-9P25-5A46-618P-AH19-6647"
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NHL 2004 Demo-->C:\Program Files\EA SPORTS\NHL 2004 Demo\EAUninstall.exe
NHL® 08-->MsiExec.exe /X{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}
NVIDIA Drivers-->C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{564D0000-547B-4ED8-8070-85286CC8C9BF}
Oprava Hotfix systému Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Ovládací panel ATI-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
QuickTime-->MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
rajče verze 57 sestavení 190-->"C:\Program Files\rajce\unins000.exe"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x5 -removeonly
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Skype™ 5.3-->MsiExec.exe /X{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}
Sony Ericsson Update Engine-->C:\Program Files\Sony Ericsson\Update Engine\uninst.exe
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
TNod User & Password Finder-->"C:\Program Files\TNod User & Password Finder\uninst-TNod.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Total Video Converter 3.12 080330-->"C:\Program Files\Total Video Converter\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Management Framework Core-->"C:\WINDOWS\$968930Uinstall_KB968930$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
Zoner GIF Animator 5-->MsiExec.exe /I{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}
======Hosts File======
::1 localhost
======Security center information======
AV: ESET NOD32 Antivirus 4.2 (disabled)
======System event log======
Computer Name: MONIKA-PC
Event Code: 7000
Message: Služba 1267214146 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Record Number: 90226
Source Name: Service Control Manager
Time Written: 20120614201430.000000+120
Event Type: Chyba
User:
Computer Name: MONIKA-PC
Event Code: 2
Message: Device identified.
Record Number: 90225
Source Name: nvatabus
Time Written: 20120614201416.000000+120
Event Type: Informace
User:
Computer Name: MONIKA-PC
Event Code: 2
Message: Device identified.
Record Number: 90224
Source Name: nvatabus
Time Written: 20120614201416.000000+120
Event Type: Informace
User:
Computer Name: MONIKA-PC
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 90223
Source Name: EventLog
Time Written: 20120614201413.000000+120
Event Type: Informace
User:
Computer Name: MONIKA-PC
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.
Record Number: 90222
Source Name: EventLog
Time Written: 20120614201413.000000+120
Event Type: Informace
User:
=====Application event log=====
Computer Name: MONIKA-PC
Event Code: 1002
Message: Prostředí bylo neočekávaně zastaveno a Explorer.exe byl restartován.
Record Number: 3834
Source Name: Winlogon
Time Written: 20110519104741.000000+120
Event Type: Informace
User:
Computer Name: MONIKA-PC
Event Code: 1000
Message: Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x058df860.
Record Number: 3833
Source Name: Application Error
Time Written: 20110519104331.000000+120
Event Type: Chyba
User:
Computer Name: MONIKA-PC
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.
Record Number: 3832
Source Name: SecurityCenter
Time Written: 20110519082905.000000+120
Event Type: Informace
User:
Computer Name: MONIKA-PC
Event Code: 105
Message: The service was started.
Record Number: 3831
Source Name: ATI Smart
Time Written: 20110519082848.000000+120
Event Type: Informace
User:
Computer Name: MONIKA-PC
Event Code: 1002
Message: Prostředí bylo neočekávaně zastaveno a Explorer.exe byl restartován.
Record Number: 3830
Source Name: Winlogon
Time Written: 20110518225541.000000+120
Event Type: Informace
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\AMD APP\bin\x86;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem;C:\Program Files\ATI Technologies\ATI.ACE;C:\WINDOWS\system32\WindowsPowerShell\v1.0
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"AMDAPPSDKROOT"=C:\Program Files\AMD APP\
"PSModulePath"=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
-----------------EOF-----------------
-
- Návštěvník
- Příspěvky: 44
- Registrován: 16 čer 2012 12:17
- Bydliště: Břeclav
- Kontaktovat uživatele:
Re: VIRUS RECYCLER NA PAMETOVCE
Počítač se chová normálně, všechny usba a pametovky fungují. Děkuji moc za cenné rady, snad se podaří vyřešit i problém na ostatních počítačích.