Logfile of random's system information tool 1.09 (written by random/random)
Run by Vicious at 2013-09-05 08:13:54
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 6 GB (7%) free of 76 GB
Total RAM: 1791 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:14:00, on 5.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
c:\Documents and Settings\Vicious\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Vicious.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Avira SearchFree Toolbar plus Web Protection BHO - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [ChangeFilterMerit] "C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe"
O4 - HKLM\..\Run: [Presto! PVR Monitor] "C:\Program Files\NewSoft\Presto! PVR\Monitor.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 12016 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Vicious\Data aplikací\Mozilla\Firefox\Profiles\botbqghb.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Documents and Settings\Vicious\Data aplikací\Mozilla\Firefox\Profiles\botbqghb.default\extensions\
mozilla_cc@internetdownloadmanager.com
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll [2008-11-06 68936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-12-02 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar plus Web Protection - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-07-26 12240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-26 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-26 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-12-02 798771]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll [2008-11-06 211272]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar plus Web Protection - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-07-26 12240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-12-03 33718272]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-10-20 2497352]
"ChangeFilterMerit"=C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe [2007-06-08 51280]
"Presto! PVR Monitor"=C:\Program Files\NewSoft\Presto! PVR\Monitor.exe [2009-08-07 161616]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-01-19 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-01-19 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-19 217088]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-09-05 345144]
"ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-07-26 1558480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ioloSystemService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=475
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=475
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM)"
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM)"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Vicious\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Vicious\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
======List of files/folders created in the last 1 month======
2013-09-05 08:13:54 ----D---- C:\rsit
2013-09-05 08:13:38 ----D---- C:\Documents and Settings\Vicious\Data aplikací\Avira
2013-09-05 08:10:20 ----D---- C:\Program Files\AskPartnerNetwork
2013-09-05 08:10:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
2013-09-05 08:09:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\APN
2013-09-05 08:07:51 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2013-09-05 08:07:49 ----A---- C:\WINDOWS\system32\drivers\avkmgr.sys
2013-09-05 08:07:49 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2013-09-05 08:07:49 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2013-09-05 08:07:48 ----D---- C:\Program Files\Avira
2013-09-05 08:07:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2013-08-28 21:31:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-26 12:29:20 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-08-26 11:53:02 ----D---- C:\Program Files\Mozilla Firefox
2013-08-16 11:31:27 ----D---- C:\WINDOWS\system32\MRT
2013-08-16 11:25:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2013-08-16 11:25:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2013-08-16 11:25:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$
2013-08-16 11:24:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2849470$
======List of files/folders modified in the last 1 month======
2013-09-05 08:14:00 ----D---- C:\WINDOWS\Temp
2013-09-05 08:14:00 ----D---- C:\Program Files\trend micro
2013-09-05 08:13:57 ----D---- C:\WINDOWS\Prefetch
2013-09-05 08:11:48 ----D---- C:\WINDOWS\system32\NtmsData
2013-09-05 08:11:14 ----D---- C:\WINDOWS\Registration
2013-09-05 08:10:26 ----SHD---- C:\WINDOWS\Installer
2013-09-05 08:10:26 ----D---- C:\Config.Msi
2013-09-05 08:10:20 ----RD---- C:\Program Files
2013-09-05 08:08:03 ----D---- C:\WINDOWS\system32\CatRoot2
2013-09-05 08:08:03 ----D---- C:\WINDOWS\system32\CatRoot
2013-09-05 08:07:51 ----D---- C:\WINDOWS\system32\drivers
2013-09-05 07:46:00 ----D---- C:\Documents and Settings\Vicious\Data aplikací\Smarty Uninstaller
2013-09-05 06:49:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-08-29 07:29:59 ----AD---- C:\WINDOWS
2013-08-28 21:32:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-08-28 21:31:46 ----HD---- C:\WINDOWS\inf
2013-08-28 21:31:44 ----D---- C:\WINDOWS\system32
2013-08-27 10:21:07 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-08-26 12:29:24 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-08-26 11:48:01 ----RSD---- C:\WINDOWS\assembly
2013-08-26 11:48:01 ----D---- C:\WINDOWS\Microsoft.NET
2013-08-16 11:34:53 ----A---- C:\WINDOWS\imsins.BAK
2013-08-16 11:34:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-08-16 11:34:47 ----D---- C:\Program Files\Internet Explorer
2013-08-16 11:31:05 ----A---- C:\WINDOWS\system32\MRT.exe
2013-08-16 11:27:00 ----D---- C:\WINDOWS\WinSxS
2013-08-16 11:26:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-12 07:48:36 ----D---- C:\Program Files\Mozilla Thunderbird
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-10-07 97760]
R0 NBVol;Nero Backup Volume Filter Driver; C:\WINDOWS\system32\DRIVERS\NBVol.sys [2011-07-13 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\WINDOWS\system32\DRIVERS\NBVolUp.sys [2011-07-13 12464]
R0 nvgts;nvgts; C:\WINDOWS\system32\drivers\nvgts.sys [2008-08-18 145952]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-11-26 443448]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2013-09-05 135136]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2013-09-05 37352]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-10-07 492768]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-10-07 31704]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2013-09-05 84744]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2005-01-19 22016]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-03-25 54400]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-03-25 22016]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-11-25 1617408]
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2013-09-05 28520]
S3 AMBFilt;AMBFilt; C:\WINDOWS\system32\drivers\AMBFilt.sys [2009-06-26 1656960]
S3 awi9c69v;awi9c69v; C:\WINDOWS\system32\drivers\awi9c69v.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2009-05-18 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2009-05-18 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-05-18 21568]
S3 MonFilt;MonFilt; C:\WINDOWS\system32\drivers\MonFilt.sys [2008-12-02 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 PID_0928;Labtec WebCam(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-01-19 211712]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\WINDOWS\system32\drivers\RTL2832UBDA.sys [2009-08-17 93216]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [2009-08-17 32800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 X86BDA;OEM Capture; C:\WINDOWS\system32\DRIVERS\OEMDrv.sys [2011-05-25 210048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-09-05 108088]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-09-05 84024]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-09-05 589368]
R2 APNMCP;Ask Update Service; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-07-26 168400]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-10-07 1883328]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ioloSystemService;iolo System Service; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [2011-08-08 722616]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-09-23 641832]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2011-06-29 2468168]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-05 116648]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-04-14 163908]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-26 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-05 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-26 117656]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-26 153376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu
Zdravim 
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.8 (09.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Vicious on pá 06.09.2013 at 8:37:47,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted: [File] C:\Documents and Settings\Vicious\Data aplikací\mozilla\firefox\profiles\botbqghb.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pá 06.09.2013 at 8:44:41,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.8 (09.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Vicious on pá 06.09.2013 at 8:37:47,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted: [File] C:\Documents and Settings\Vicious\Data aplikací\mozilla\firefox\profiles\botbqghb.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pá 06.09.2013 at 8:44:41,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Prosím o kontrolu
# AdwCleaner v3.002 - Report created 06/09/2013 at 08:49:03
# Updated 01/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Vicious - VICIOUS-D06C9FF
# Running from : C:\Documents and Settings\Vicious\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\Vicious\IECompatCache
File Deleted : C:\DOCUME~1\Vicious\LOCALS~1\Temp\Uninstall.exe
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1A03F196-9617-4CA0-842B-A83CEECB022B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Product Deleted : Google Update Helper
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v23.0.1 (cs)
[ File : C:\Documents and Settings\Vicious\Data aplikací\Mozilla\Firefox\Profiles\botbqghb.default\prefs.js ]
-\\ Google Chrome v29.0.1547.66
[ File : C:\Documents and Settings\Vicious\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1293 octets] - [06/09/2013 08:47:57]
AdwCleaner[S0].txt - [1226 octets] - [06/09/2013 08:49:03]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1286 octets] ##########
# Updated 01/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Vicious - VICIOUS-D06C9FF
# Running from : C:\Documents and Settings\Vicious\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\Vicious\IECompatCache
File Deleted : C:\DOCUME~1\Vicious\LOCALS~1\Temp\Uninstall.exe
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1A03F196-9617-4CA0-842B-A83CEECB022B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Product Deleted : Google Update Helper
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v23.0.1 (cs)
[ File : C:\Documents and Settings\Vicious\Data aplikací\Mozilla\Firefox\Profiles\botbqghb.default\prefs.js ]
-\\ Google Chrome v29.0.1547.66
[ File : C:\Documents and Settings\Vicious\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1293 octets] - [06/09/2013 08:47:57]
AdwCleaner[S0].txt - [1226 octets] - [06/09/2013 08:49:03]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1286 octets] ##########
Re: Prosím o kontrolu
Poprosim o log z FRSTL http://forum.viry.cz/viewtopic.php?f=30&t=132520
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-09-2013 02
Ran by Vicious (administrator) on VICIOUS-D06C9FF on 12-09-2013 16:41:23
Running from C:\Documents and Settings\Vicious\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(iolo technologies, LLC) C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(VIA Technologies, Inc.) C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
(NewSoft) C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
(Labtec Inc.) C:\WINDOWS\system32\LVCOMSX.EXE
(Labtec Inc.) C:\Program Files\Logitech\Video\LogiTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Labtec Inc.) C:\Program Files\Logitech\Video\FxSvr2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [33718272 2009-12-03] (VIA Technologies, Inc.)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2497352 2011-10-20] (COMODO)
HKLM\...\Run: [ChangeFilterMerit] - C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe [51280 2007-06-08] (NewSoft)
HKLM\...\Run: [Presto! PVR Monitor] - C:\Program Files\NewSoft\Presto! PVR\Monitor.exe [161616 2009-08-07] (NewSoft)
HKLM\...\Run: [LVCOMSX] - C:\WINDOWS\system32\LVCOMSX.EXE [221184 2005-01-19] (Labtec Inc.)
HKLM\...\Run: [LogitechVideoRepair] - C:\Program Files\Logitech\Video\ISStart.exe [458752 2005-01-19] (Labtec Inc.)
HKLM\...\Run: [LogitechVideoTray] - C:\Program Files\Logitech\Video\LogiTray.exe [217088 2005-01-19] (Labtec Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-06] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Policies\Explorer: [NoDrives] 0
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
BootExecute: autocheck autochk * OODBS
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
BHO: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 16 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Vicious\Data aplikací\Mozilla\Firefox\Profiles\botbqghb.default
FF Homepage: hxxp://www.google.cz/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Vicious\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: IDM CC - C:\Documents and Settings\Vicious\Data aplikací\Mozilla\Firefox\Profiles\botbqghb.default\Extensions\mozilla_cc@internetdownloadmanager.com
FF Extension: WebTran - C:\Documents and Settings\Vicious\Data aplikací\Mozilla\Firefox\Profiles\botbqghb.default\Extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Vicious\Local Settings\Data aplikací\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll No File
CHR Extension: (Google Docs) - C:\DOCUME~1\Vicious\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\DOCUME~1\Vicious\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\DOCUME~1\Vicious\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\DOCUME~1\Vicious\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\DOCUME~1\Vicious\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
========================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-12] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-06] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1883328 2011-10-07] (COMODO)
R2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [722616 2011-08-08] (iolo technologies, LLC)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [641832 2011-09-23] (Nero AG)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2468168 2011-06-29] (O&O Software GmbH)
S4 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
S3 AMBFilt; C:\Windows\System32\drivers\AMBFilt.sys [1656960 2009-06-26] (Creative)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [492768 2011-10-07] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [31704 2011-10-07] (COMODO)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2009-05-18] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2009-05-18] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2009-05-18] (HP)
R0 Inspect; C:\Windows\System32\DRIVERS\inspect.sys [97760 2011-10-07] (COMODO)
R3 LVUSBSta; C:\Windows\System32\DRIVERS\LVUSBSta.sys [22016 2005-01-19] (Labtec Inc.)
S3 MonFilt; C:\Windows\System32\drivers\MonFilt.sys [1389056 2008-12-02] (Creative Technology Ltd.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54400 2008-03-25] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\drivers\nvgts.sys [145952 2008-08-18] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-03-25] (NVIDIA Corporation)
S3 PID_0928; C:\Windows\System32\DRIVERS\LV561AV.SYS [211712 2005-01-19] (Labtec Inc.)
S3 RTL2832UBDA; C:\Windows\System32\drivers\RTL2832UBDA.sys [93216 2009-08-17] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\System32\Drivers\RTL2832UUSB.sys [32800 2009-08-17] (REALTEK SEMICONDUCTOR Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [443448 2011-11-26] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-05] (Avira GmbH)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1617408 2009-11-25] (VIA Technologies, Inc.)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [210048 2011-05-25] ( )
U3 azs6bv2a; C:\Windows\System32\Drivers\azs6bv2a.sys [0 ] (NVIDIA Corporation)
S4 IntelIde; No ImagePath
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-12 16:40 - 2013-09-12 16:40 - 00000000 ____D C:\FRST
2013-09-12 16:39 - 2013-09-12 07:47 - 00002939 _____ C:\Documents and Settings\Vicious\Plocha\SecurityCenter.vbs
2013-09-12 16:39 - 2013-09-11 22:34 - 01082587 _____ (Farbar) C:\Documents and Settings\Vicious\Plocha\FRST.exe
2013-09-12 16:23 - 2013-09-12 16:23 - 00000000 ____D C:\qb0BFC7B.EC
2013-09-11 11:15 - 2013-09-11 11:16 - 00012565 _____ C:\WINDOWS\KB2870699-IE8.log
2013-09-11 11:11 - 2013-09-11 11:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-11 11:10 - 2013-09-11 11:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-11 11:10 - 2013-09-11 11:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-11 06:57 - 2013-09-11 11:11 - 00010263 _____ C:\WINDOWS\KB2876315.log
2013-09-11 06:57 - 2013-09-11 11:10 - 00009633 _____ C:\WINDOWS\KB2876217.log
2013-09-11 06:57 - 2013-09-11 11:10 - 00008719 _____ C:\WINDOWS\KB2864063.log
2013-09-11 06:49 - 2013-09-11 06:49 - 97063418 _____ C:\WINDOWS\system32\슕律L
2013-09-06 08:47 - 2013-09-06 08:49 - 00000000 ____D C:\AdwCleaner
2013-09-06 08:37 - 2013-09-06 08:37 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-06 08:33 - 2013-09-06 08:33 - 01037222 _____ C:\Documents and Settings\Vicious\Plocha\adwcleaner.exe
2013-09-06 08:31 - 2013-09-06 08:31 - 01028823 _____ (Thisisu) C:\Documents and Settings\Vicious\Plocha\JRT.exe
2013-09-05 08:13 - 2013-09-05 08:14 - 00000000 ____D C:\rsit
2013-09-05 08:13 - 2013-09-05 08:13 - 00000000 ____D C:\Documents and Settings\Vicious\Data aplikací\Avira
2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
2013-09-05 08:09 - 2013-09-05 08:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\APN
2013-09-05 08:08 - 2013-09-05 08:08 - 00001707 _____ C:\Documents and Settings\All Users\Plocha\Avira Control Center.lnk
2013-09-05 08:07 - 2013-09-06 06:57 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-09-05 08:07 - 2013-09-06 06:57 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-09-05 08:07 - 2013-09-05 08:08 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avira
2013-09-05 08:07 - 2013-09-05 08:07 - 00000000 ____D C:\Program Files\Avira
2013-09-05 08:07 - 2013-09-05 08:06 - 00028520 _____ (Avira GmbH) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2013-09-05 08:07 - 2013-09-05 08:05 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2013-09-01 18:10 - 2013-09-01 21:24 - 1740271616 _____ C:\Documents and Settings\Vicious\Plocha\Čtyřlístek-ve-službách-krále,-CZ-2013.avi
2013-08-28 21:31 - 2013-08-28 21:31 - 00004189 _____ C:\WINDOWS\KB2834904-v2.log
2013-08-28 21:31 - 2013-08-28 21:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-28 14:49 - 2013-08-28 14:49 - 00000000 ____D C:\Documents and Settings\Vicious\Plocha\Prater a Valtice
2013-08-28 14:14 - 2013-08-28 14:25 - 00000000 ____D C:\Documents and Settings\Vicious\Plocha\Řecko Rhodos
2013-08-26 11:53 - 2013-08-27 08:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-16 11:34 - 2013-08-16 11:34 - 00012109 _____ C:\WINDOWS\KB2862772-IE8.log
2013-08-16 11:31 - 2013-09-11 11:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-16 11:25 - 2013-08-16 11:25 - 00005195 _____ C:\WINDOWS\KB2863058.log
2013-08-16 11:25 - 2013-08-16 11:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-16 11:25 - 2013-08-16 11:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-16 11:25 - 2013-08-16 11:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-16 11:24 - 2013-08-16 11:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-16 07:21 - 2013-08-16 11:25 - 00009066 _____ C:\WINDOWS\KB2850869.log
2013-08-16 07:20 - 2013-08-16 11:25 - 00010859 _____ C:\WINDOWS\KB2859537.log
==================== One Month Modified Files and Folders =======
2013-09-12 16:40 - 2013-09-12 16:40 - 00000000 ____D C:\FRST
2013-09-12 16:39 - 2011-11-25 19:24 - 00000000 ____D C:\Documents and Settings\Vicious\Dokumenty\Stažené soubory
2013-09-12 16:39 - 2011-11-25 18:24 - 00000000 ___HD C:\Documents and Settings\Vicious\Local Settings\Data aplikací
2013-09-12 16:39 - 2011-11-25 18:24 - 00000000 ____D C:\Documents and Settings\Vicious\Plocha
2013-09-12 16:29 - 2013-05-18 19:00 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-12 16:28 - 2011-11-25 18:19 - 01415524 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-12 16:26 - 2013-02-05 14:52 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-12 16:26 - 2008-04-14 09:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-12 16:25 - 2011-11-27 08:31 - 01295726 _____ C:\WINDOWS\system32\oodbs.lor
2013-09-12 16:25 - 2011-11-25 19:15 - 00000300 _____ C:\WINDOWS\wiadebug.log
2013-09-12 16:25 - 2011-11-25 19:15 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-09-12 16:25 - 2011-11-25 18:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-12 16:24 - 2011-11-25 18:24 - 00000178 ___SH C:\Documents and Settings\Vicious\ntuser.ini
2013-09-12 16:24 - 2011-11-25 18:23 - 00032496 _____ C:\WINDOWS\SchedLgU.Txt
2013-09-12 16:23 - 2013-09-12 16:23 - 00000000 ____D C:\qb0BFC7B.EC
2013-09-12 16:17 - 2013-02-05 14:52 - 00000942 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-12 16:11 - 2011-11-25 19:13 - 00298848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-12 07:47 - 2013-09-12 16:39 - 00002939 _____ C:\Documents and Settings\Vicious\Plocha\SecurityCenter.vbs
2013-09-11 22:34 - 2013-09-12 16:39 - 01082587 _____ (Farbar) C:\Documents and Settings\Vicious\Plocha\FRST.exe
2013-09-11 11:16 - 2013-09-11 11:15 - 00012565 _____ C:\WINDOWS\KB2870699-IE8.log
2013-09-11 11:16 - 2013-01-15 12:07 - 00024394 _____ C:\WINDOWS\updspapi.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00241339 _____ C:\WINDOWS\iis6.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00222581 _____ C:\WINDOWS\FaxSetup.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00106416 _____ C:\WINDOWS\ocgen.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00101527 _____ C:\WINDOWS\tsoc.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00074412 _____ C:\WINDOWS\comsetup.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00069882 _____ C:\WINDOWS\msmqinst.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00045046 _____ C:\WINDOWS\ntdtcsetup.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00038988 _____ C:\WINDOWS\netfxocm.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00015300 _____ C:\WINDOWS\MedCtrOC.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00013896 _____ C:\WINDOWS\ocmsn.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00011196 _____ C:\WINDOWS\tabletoc.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00011124 _____ C:\WINDOWS\msgsocm.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00001374 _____ C:\WINDOWS\imsins.log
2013-09-11 11:16 - 2011-11-27 08:52 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2013-09-11 11:16 - 2011-11-26 10:38 - 00000000 ____D C:\WINDOWS\ie8updates
2013-09-11 11:15 - 2011-11-27 08:46 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-09-11 11:11 - 2013-09-11 11:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-11 11:11 - 2013-09-11 06:57 - 00010263 _____ C:\WINDOWS\KB2876315.log
2013-09-11 11:11 - 2013-01-09 22:39 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-09-11 11:10 - 2013-09-11 11:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-11 11:10 - 2013-09-11 11:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-11 11:10 - 2013-09-11 06:57 - 00009633 _____ C:\WINDOWS\KB2876217.log
2013-09-11 11:10 - 2013-09-11 06:57 - 00008719 _____ C:\WINDOWS\KB2864063.log
2013-09-11 11:06 - 2013-08-16 11:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-09-11 11:03 - 2011-11-26 10:31 - 76725432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-09-11 11:03 - 2011-11-25 18:24 - 00000000 ____D C:\Documents and Settings\Vicious
2013-09-11 07:29 - 2013-05-18 19:00 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-09-11 07:29 - 2011-11-26 10:25 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-09-11 06:49 - 2013-09-11 06:49 - 97063418 _____ C:\WINDOWS\system32\슕律L
2013-09-09 08:18 - 2012-04-19 16:49 - 00000000 ____D C:\Documents and Settings\Vicious\Plocha\fotky
2013-09-06 08:49 - 2013-09-06 08:47 - 00000000 ____D C:\AdwCleaner
2013-09-06 08:37 - 2013-09-06 08:37 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-06 08:33 - 2013-09-06 08:33 - 01037222 _____ C:\Documents and Settings\Vicious\Plocha\adwcleaner.exe
2013-09-06 08:31 - 2013-09-06 08:31 - 01028823 _____ (Thisisu) C:\Documents and Settings\Vicious\Plocha\JRT.exe
2013-09-06 06:57 - 2013-09-05 08:07 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-09-06 06:57 - 2013-09-05 08:07 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-09-06 06:50 - 2011-11-25 18:24 - 00000000 ___RD C:\Documents and Settings\Vicious\Dokumenty
2013-09-05 08:14 - 2013-09-05 08:13 - 00000000 ____D C:\rsit
2013-09-05 08:14 - 2011-12-04 13:25 - 00000000 ____D C:\Program Files\trend micro
2013-09-05 08:13 - 2013-09-05 08:13 - 00000000 ____D C:\Documents and Settings\Vicious\Data aplikací\Avira
2013-09-05 08:13 - 2011-11-25 18:24 - 00000000 __RHD C:\Documents and Settings\Vicious\Data aplikací
2013-09-05 08:11 - 2012-08-31 17:22 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-09-05 08:11 - 2011-11-25 18:17 - 00000000 ____D C:\WINDOWS\Registration
2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
2013-09-05 08:10 - 2011-11-25 19:13 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-09-05 08:09 - 2013-09-05 08:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\APN
2013-09-05 08:08 - 2013-09-05 08:08 - 00001707 _____ C:\Documents and Settings\All Users\Plocha\Avira Control Center.lnk
2013-09-05 08:08 - 2013-09-05 08:07 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avira
2013-09-05 08:08 - 2011-11-25 19:13 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-09-05 08:08 - 2011-11-25 19:13 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-09-05 08:07 - 2013-09-05 08:07 - 00000000 ____D C:\Program Files\Avira
2013-09-05 08:06 - 2013-09-05 08:07 - 00028520 _____ (Avira GmbH) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2013-09-05 08:05 - 2013-09-05 08:07 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2013-09-04 17:23 - 2013-02-05 14:58 - 00001813 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2013-09-01 21:24 - 2013-09-01 18:10 - 1740271616 _____ C:\Documents and Settings\Vicious\Plocha\Čtyřlístek-ve-službách-krále,-CZ-2013.avi
2013-08-28 21:31 - 2013-08-28 21:31 - 00004189 _____ C:\WINDOWS\KB2834904-v2.log
2013-08-28 21:31 - 2013-08-28 21:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-28 14:49 - 2013-08-28 14:49 - 00000000 ____D C:\Documents and Settings\Vicious\Plocha\Prater a Valtice
2013-08-28 14:25 - 2013-08-28 14:14 - 00000000 ____D C:\Documents and Settings\Vicious\Plocha\Řecko Rhodos
2013-08-27 10:21 - 2012-05-10 07:01 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-27 09:51 - 2013-03-07 17:36 - 00032740 _____ C:\WINDOWS\setupapi.log
2013-08-27 08:22 - 2013-08-26 11:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-26 11:48 - 2011-11-26 09:47 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-08-16 11:34 - 2013-08-16 11:34 - 00012109 _____ C:\WINDOWS\KB2862772-IE8.log
2013-08-16 11:26 - 2011-11-25 19:14 - 01177836 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-16 11:25 - 2013-08-16 11:25 - 00005195 _____ C:\WINDOWS\KB2863058.log
2013-08-16 11:25 - 2013-08-16 11:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-16 11:25 - 2013-08-16 11:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-16 11:25 - 2013-08-16 11:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-16 11:25 - 2013-08-16 07:21 - 00009066 _____ C:\WINDOWS\KB2850869.log
2013-08-16 11:25 - 2013-08-16 07:20 - 00010859 _____ C:\WINDOWS\KB2859537.log
2013-08-16 11:25 - 2011-12-14 21:12 - 00024020 _____ C:\WINDOWS\system32\TZLog.log
2013-08-16 11:24 - 2013-08-16 11:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
Files to move or delete:
====================
C:\DOCUME~1\Vicious\LOCALS~1\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2008-04-14 09:00] - [2008-04-14 09:00] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\Windows\System32\winlogon.exe
[2008-04-14 09:00] - [2008-04-14 09:00] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\Windows\System32\svchost.exe
[2008-04-14 09:00] - [2008-04-14 09:00] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\Windows\System32\services.exe
[2008-04-14 09:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\Windows\System32\User32.dll
[2008-04-14 09:00] - [2008-04-14 09:00] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\Windows\System32\userinit.exe
[2008-04-14 09:00] - [2008-04-14 09:00] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 09:00] - [2008-04-14 09:00] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
==================== Alternate Data Streams (whitelisted) ====
==================== Loaded Modules (whitelisted) ============
2011-10-07 19:47 - 2011-10-07 19:47 - 00300200 _____ (COMODO) C:\WINDOWS\system32\guard32.dll
2011-05-04 19:54 - 2011-05-04 19:54 - 00551296 _____ (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
2011-11-26 20:12 - 2009-04-20 13:23 - 00123904 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpf3l70w.dll
2011-11-26 20:12 - 2009-04-20 13:23 - 00315904 _____ (Hewlett-Packard Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpfpp70w.dll
2011-11-26 21:50 - 2008-07-06 14:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll
2013-09-05 08:07 - 2013-09-05 08:05 - 00394824 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2013-09-05 08:07 - 2013-09-05 08:04 - 00257536 _____ (The cURL library, http://curl.haxx.se/) C:\Program Files\Avira\AntiVir Desktop\libcurl.dll
2011-11-27 11:15 - 2004-12-13 03:05 - 01523796 _____ (The Firebird Project) C:\Program Files\iolo\Common\Lib\fbembed.dll
2011-09-23 19:37 - 2011-09-23 19:37 - 00047400 _____ (Nero AG) C:\Program Files\Nero\Update\NASvcPS.dll
2010-08-06 12:13 - 2010-08-06 12:13 - 00044032 _____ (Hewlett-Packard) c:\windows\system32\hpzinw12.dll
2011-06-29 18:19 - 2011-06-29 18:19 - 00009032 _____ (O&O Software GmbH) C:\Program Files\OO Software\Defrag\OODAGRS.DLL
2011-07-19 02:02 - 2011-07-19 02:02 - 00113024 _____ (SuperAdBlocker.com) C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
2011-09-20 10:43 - 2011-09-20 10:43 - 02442536 _____ (Nero AG) C:\Program Files\Common Files\Nero\NeroShellExt\NeroShellExt.dll
2011-09-20 10:43 - 2011-09-20 10:43 - 00031528 _____ (Nero AG) C:\Program Files\Common Files\Nero\NeroShellExt\SolutionExplorer.dll
2011-09-20 15:55 - 2011-09-20 15:55 - 00899880 _____ (Nero AG) C:\Program Files\Nero\Nero 11\Nero BackItUp\NBShell.dll
2011-07-19 02:08 - 2011-07-19 02:08 - 00141696 _____ (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL
2011-11-25 19:45 - 2011-03-02 13:40 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2011-11-25 19:45 - 2011-03-31 23:35 - 00331776 _____ () C:\Program Files\WinRAR\rarlng.dll
2011-06-29 18:22 - 2011-06-29 18:22 - 01054536 _____ (O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodsh.dll
2011-06-29 18:20 - 2011-06-29 18:20 - 00316744 _____ (O&O Software GmbH) C:\Program Files\OO Software\Defrag\OODSHRS.DLL
2011-12-03 17:38 - 2011-04-20 17:06 - 00010752 _____ (Fengtao Software Inc.) C:\Program Files\DVDFab 8 Qt\DVDFabShellEx.dll
2011-08-17 09:25 - 2011-08-17 09:25 - 00686400 _____ (DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShl32.dll
2012-01-24 20:23 - 2005-01-19 12:46 - 00135168 _____ (Labtec Inc.) C:\Program Files\Logitech\Video\Namespc2.dll
2012-01-24 20:23 - 2005-01-19 12:24 - 00010240 _____ (Labtec Inc.) C:\Program Files\Logitech\Video\AlbuDBps.dll
2010-08-06 12:13 - 2010-08-06 12:13 - 00053760 _____ (Hewlett-Packard) c:\windows\system32\hpzipm12.dll
2013-01-05 10:42 - 2007-01-17 02:21 - 00622592 ____R (Hewlett-Packard) C:\WINDOWS\system32\hpxp2436.dll
2012-01-24 18:59 - 2008-05-04 18:16 - 00040960 _____ (NewSoft Technology Corporation) C:\Program Files\NewSoft\Presto! PVR\NSImage.dll
2012-01-24 18:59 - 2009-03-24 17:29 - 00049152 _____ (NewSoft Technology Corporation) C:\Program Files\NewSoft\Presto! PVR\ProgramInfo.dll
2005-01-19 12:06 - 2005-01-19 12:06 - 00258048 _____ (Labtec Inc.) C:\WINDOWS\system32\lvmaenum.dll
2005-01-19 12:06 - 2005-01-19 12:06 - 00077824 _____ (Labtec Inc.) C:\WINDOWS\system32\lvcomcx.dll
2012-01-24 20:23 - 2005-01-19 12:19 - 00466944 _____ (Labtec Inc.) C:\Program Files\Logitech\Video\QCUI2.dll
2012-01-24 20:23 - 2005-01-19 12:18 - 00090112 _____ (Labtec Inc.) C:\Program Files\Logitech\Video\LQCUI2.dll
2012-01-24 20:23 - 2005-01-19 12:38 - 00094208 _____ (Labtec Inc.) C:\Program Files\Logitech\Video\LLogTray.dll
2012-01-24 20:23 - 2005-01-19 12:21 - 00008192 _____ (Labtec Inc.) C:\Program Files\Logitech\Video\FXSvrps.dll
2010-08-06 12:13 - 2010-08-06 12:13 - 00034816 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzipr12.dll
2013-08-26 11:53 - 2013-08-26 11:53 - 03551640 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2011-08-17 09:27 - 2011-11-26 21:30 - 04344896 _____ (DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTCommonRes.dll
2011-08-17 09:26 - 2011-08-17 09:26 - 04373824 _____ (DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\Engine.dll
2011-07-26 09:41 - 2011-07-26 09:41 - 00316736 _____ (DT Soft Ltd.) C:\Program Files\DAEMON Tools Pro\ImgEngine.dll
==================== Scheduled Tasks (whitelisted) ===========
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Supplementary Scan (All) ================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\!SASCORE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\ioloSystemService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\!SASCORE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\ioloSystemService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\{1a3e09be-1e45-494b-9174-d7385b45bbf5}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"EnableLinkedConnections"=dword:00000001
"DisableRegistryTools"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=dword:03ffffff
"NoDriveTypeAutoRun"=dword:000001db
"NoDrives"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=dword:00000001
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe:*:Enabled:hpofxs08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe:*:Enabled:hpqfxt08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"="C:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"="C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe:*:Enabled:hpofxs08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe:*:Enabled:hpqfxt08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"="C:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"="C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"="C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MP.exe"="C:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MP.exe:*:Enabled:Wolfenstein(TM)"
"C:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MPLite.exe"="C:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM)"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:Torrent"
"C:\\Documents and Settings\\Vicious\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"="C:\\Documents and Settings\\Vicious\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"="midimap.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msadpcm"="msadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.trspch"="tssoft32.acm"
"vidc.cvid"="iccvid.dll"
"VIDC.I420"="msh263.drv"
"vidc.iv31"="ir32_32.dll"
"vidc.iv32"="ir32_32.dll"
"vidc.iv41"="ir41_32.ax"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVU9"="tsbyuv.dll"
"VIDC.YVYU"="msyuv.dll"
"wavemapper"="msacm32.drv"
"msacm.msg723"="msg723.acm"
"vidc.M263"="msh263.drv"
"vidc.M261"="msh261.drv"
"msacm.msaudio1"="msaud32.acm"
"msacm.sl_anet"="sl_anet.acm"
"msacm.iac2"="C:\\WINDOWS\\system32\\iac25_32.ax"
"vidc.iv50"="ir50_32.dll"
"msacm.l3acm"="C:\\WINDOWS\\system32\\l3codeca.acm"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
"MSVideo8"="VfWWDM32.dll"
"MSVideo"="vfwwdm32.dll"
"msacm.dvacm"="C:\\PROGRA~1\\COMMON~1\\ULEADS~1\\Vio\\Dvacm.acm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP]
"wave"="rdpsnd.dll"
"mixer"="rdpsnd.dll"
"MaxBandwidth"=dword:000056b9
"wavemapper"="msacm32.drv"
"EnableMP3Codec"=dword:00000001
"midimapper"="midimap.dll"
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:74.52 GB) (Free:4.1 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (H) (Fixed) (Total:149.05 GB) (Free:17.08 GB) NTFS
Available physical RAM: 1141.33 MB
Total physical RAM: 1791.23 MB
Percentage of memory in use: 36%
==================== MBR and Partition Table =================
Disk: 0 (Size: 149 GB) (Disk ID: 349955F7)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
Disk: 1 (Size: 75 GB) (Disk ID: E916E916)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
==================== End Of Log ==============================
Ran by Vicious (administrator) on VICIOUS-D06C9FF on 12-09-2013 16:41:23
Running from C:\Documents and Settings\Vicious\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(iolo technologies, LLC) C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(VIA Technologies, Inc.) C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
(NewSoft) C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
(Labtec Inc.) C:\WINDOWS\system32\LVCOMSX.EXE
(Labtec Inc.) C:\Program Files\Logitech\Video\LogiTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Labtec Inc.) C:\Program Files\Logitech\Video\FxSvr2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [33718272 2009-12-03] (VIA Technologies, Inc.)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2497352 2011-10-20] (COMODO)
HKLM\...\Run: [ChangeFilterMerit] - C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe [51280 2007-06-08] (NewSoft)
HKLM\...\Run: [Presto! PVR Monitor] - C:\Program Files\NewSoft\Presto! PVR\Monitor.exe [161616 2009-08-07] (NewSoft)
HKLM\...\Run: [LVCOMSX] - C:\WINDOWS\system32\LVCOMSX.EXE [221184 2005-01-19] (Labtec Inc.)
HKLM\...\Run: [LogitechVideoRepair] - C:\Program Files\Logitech\Video\ISStart.exe [458752 2005-01-19] (Labtec Inc.)
HKLM\...\Run: [LogitechVideoTray] - C:\Program Files\Logitech\Video\LogiTray.exe [217088 2005-01-19] (Labtec Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-06] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Policies\Explorer: [NoDrives] 0
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
BootExecute: autocheck autochk * OODBS
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
BHO: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 16 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Vicious\Data aplikací\Mozilla\Firefox\Profiles\botbqghb.default
FF Homepage: hxxp://www.google.cz/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Vicious\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: IDM CC - C:\Documents and Settings\Vicious\Data aplikací\Mozilla\Firefox\Profiles\botbqghb.default\Extensions\mozilla_cc@internetdownloadmanager.com
FF Extension: WebTran - C:\Documents and Settings\Vicious\Data aplikací\Mozilla\Firefox\Profiles\botbqghb.default\Extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Vicious\Local Settings\Data aplikací\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll No File
CHR Extension: (Google Docs) - C:\DOCUME~1\Vicious\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\DOCUME~1\Vicious\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\DOCUME~1\Vicious\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\DOCUME~1\Vicious\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\DOCUME~1\Vicious\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
========================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-12] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-06] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1883328 2011-10-07] (COMODO)
R2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [722616 2011-08-08] (iolo technologies, LLC)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [641832 2011-09-23] (Nero AG)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2468168 2011-06-29] (O&O Software GmbH)
S4 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
S3 AMBFilt; C:\Windows\System32\drivers\AMBFilt.sys [1656960 2009-06-26] (Creative)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [492768 2011-10-07] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [31704 2011-10-07] (COMODO)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2009-05-18] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2009-05-18] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2009-05-18] (HP)
R0 Inspect; C:\Windows\System32\DRIVERS\inspect.sys [97760 2011-10-07] (COMODO)
R3 LVUSBSta; C:\Windows\System32\DRIVERS\LVUSBSta.sys [22016 2005-01-19] (Labtec Inc.)
S3 MonFilt; C:\Windows\System32\drivers\MonFilt.sys [1389056 2008-12-02] (Creative Technology Ltd.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54400 2008-03-25] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\drivers\nvgts.sys [145952 2008-08-18] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-03-25] (NVIDIA Corporation)
S3 PID_0928; C:\Windows\System32\DRIVERS\LV561AV.SYS [211712 2005-01-19] (Labtec Inc.)
S3 RTL2832UBDA; C:\Windows\System32\drivers\RTL2832UBDA.sys [93216 2009-08-17] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\System32\Drivers\RTL2832UUSB.sys [32800 2009-08-17] (REALTEK SEMICONDUCTOR Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [443448 2011-11-26] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-05] (Avira GmbH)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1617408 2009-11-25] (VIA Technologies, Inc.)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [210048 2011-05-25] ( )
U3 azs6bv2a; C:\Windows\System32\Drivers\azs6bv2a.sys [0 ] (NVIDIA Corporation)
S4 IntelIde; No ImagePath
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-12 16:40 - 2013-09-12 16:40 - 00000000 ____D C:\FRST
2013-09-12 16:39 - 2013-09-12 07:47 - 00002939 _____ C:\Documents and Settings\Vicious\Plocha\SecurityCenter.vbs
2013-09-12 16:39 - 2013-09-11 22:34 - 01082587 _____ (Farbar) C:\Documents and Settings\Vicious\Plocha\FRST.exe
2013-09-12 16:23 - 2013-09-12 16:23 - 00000000 ____D C:\qb0BFC7B.EC
2013-09-11 11:15 - 2013-09-11 11:16 - 00012565 _____ C:\WINDOWS\KB2870699-IE8.log
2013-09-11 11:11 - 2013-09-11 11:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-11 11:10 - 2013-09-11 11:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-11 11:10 - 2013-09-11 11:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-11 06:57 - 2013-09-11 11:11 - 00010263 _____ C:\WINDOWS\KB2876315.log
2013-09-11 06:57 - 2013-09-11 11:10 - 00009633 _____ C:\WINDOWS\KB2876217.log
2013-09-11 06:57 - 2013-09-11 11:10 - 00008719 _____ C:\WINDOWS\KB2864063.log
2013-09-11 06:49 - 2013-09-11 06:49 - 97063418 _____ C:\WINDOWS\system32\슕律L
2013-09-06 08:47 - 2013-09-06 08:49 - 00000000 ____D C:\AdwCleaner
2013-09-06 08:37 - 2013-09-06 08:37 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-06 08:33 - 2013-09-06 08:33 - 01037222 _____ C:\Documents and Settings\Vicious\Plocha\adwcleaner.exe
2013-09-06 08:31 - 2013-09-06 08:31 - 01028823 _____ (Thisisu) C:\Documents and Settings\Vicious\Plocha\JRT.exe
2013-09-05 08:13 - 2013-09-05 08:14 - 00000000 ____D C:\rsit
2013-09-05 08:13 - 2013-09-05 08:13 - 00000000 ____D C:\Documents and Settings\Vicious\Data aplikací\Avira
2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
2013-09-05 08:09 - 2013-09-05 08:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\APN
2013-09-05 08:08 - 2013-09-05 08:08 - 00001707 _____ C:\Documents and Settings\All Users\Plocha\Avira Control Center.lnk
2013-09-05 08:07 - 2013-09-06 06:57 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-09-05 08:07 - 2013-09-06 06:57 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-09-05 08:07 - 2013-09-05 08:08 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avira
2013-09-05 08:07 - 2013-09-05 08:07 - 00000000 ____D C:\Program Files\Avira
2013-09-05 08:07 - 2013-09-05 08:06 - 00028520 _____ (Avira GmbH) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2013-09-05 08:07 - 2013-09-05 08:05 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2013-09-01 18:10 - 2013-09-01 21:24 - 1740271616 _____ C:\Documents and Settings\Vicious\Plocha\Čtyřlístek-ve-službách-krále,-CZ-2013.avi
2013-08-28 21:31 - 2013-08-28 21:31 - 00004189 _____ C:\WINDOWS\KB2834904-v2.log
2013-08-28 21:31 - 2013-08-28 21:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-28 14:49 - 2013-08-28 14:49 - 00000000 ____D C:\Documents and Settings\Vicious\Plocha\Prater a Valtice
2013-08-28 14:14 - 2013-08-28 14:25 - 00000000 ____D C:\Documents and Settings\Vicious\Plocha\Řecko Rhodos
2013-08-26 11:53 - 2013-08-27 08:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-16 11:34 - 2013-08-16 11:34 - 00012109 _____ C:\WINDOWS\KB2862772-IE8.log
2013-08-16 11:31 - 2013-09-11 11:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-16 11:25 - 2013-08-16 11:25 - 00005195 _____ C:\WINDOWS\KB2863058.log
2013-08-16 11:25 - 2013-08-16 11:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-16 11:25 - 2013-08-16 11:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-16 11:25 - 2013-08-16 11:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-16 11:24 - 2013-08-16 11:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-16 07:21 - 2013-08-16 11:25 - 00009066 _____ C:\WINDOWS\KB2850869.log
2013-08-16 07:20 - 2013-08-16 11:25 - 00010859 _____ C:\WINDOWS\KB2859537.log
==================== One Month Modified Files and Folders =======
2013-09-12 16:40 - 2013-09-12 16:40 - 00000000 ____D C:\FRST
2013-09-12 16:39 - 2011-11-25 19:24 - 00000000 ____D C:\Documents and Settings\Vicious\Dokumenty\Stažené soubory
2013-09-12 16:39 - 2011-11-25 18:24 - 00000000 ___HD C:\Documents and Settings\Vicious\Local Settings\Data aplikací
2013-09-12 16:39 - 2011-11-25 18:24 - 00000000 ____D C:\Documents and Settings\Vicious\Plocha
2013-09-12 16:29 - 2013-05-18 19:00 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-12 16:28 - 2011-11-25 18:19 - 01415524 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-12 16:26 - 2013-02-05 14:52 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-12 16:26 - 2008-04-14 09:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-12 16:25 - 2011-11-27 08:31 - 01295726 _____ C:\WINDOWS\system32\oodbs.lor
2013-09-12 16:25 - 2011-11-25 19:15 - 00000300 _____ C:\WINDOWS\wiadebug.log
2013-09-12 16:25 - 2011-11-25 19:15 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-09-12 16:25 - 2011-11-25 18:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-12 16:24 - 2011-11-25 18:24 - 00000178 ___SH C:\Documents and Settings\Vicious\ntuser.ini
2013-09-12 16:24 - 2011-11-25 18:23 - 00032496 _____ C:\WINDOWS\SchedLgU.Txt
2013-09-12 16:23 - 2013-09-12 16:23 - 00000000 ____D C:\qb0BFC7B.EC
2013-09-12 16:17 - 2013-02-05 14:52 - 00000942 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-12 16:11 - 2011-11-25 19:13 - 00298848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-12 07:47 - 2013-09-12 16:39 - 00002939 _____ C:\Documents and Settings\Vicious\Plocha\SecurityCenter.vbs
2013-09-11 22:34 - 2013-09-12 16:39 - 01082587 _____ (Farbar) C:\Documents and Settings\Vicious\Plocha\FRST.exe
2013-09-11 11:16 - 2013-09-11 11:15 - 00012565 _____ C:\WINDOWS\KB2870699-IE8.log
2013-09-11 11:16 - 2013-01-15 12:07 - 00024394 _____ C:\WINDOWS\updspapi.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00241339 _____ C:\WINDOWS\iis6.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00222581 _____ C:\WINDOWS\FaxSetup.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00106416 _____ C:\WINDOWS\ocgen.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00101527 _____ C:\WINDOWS\tsoc.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00074412 _____ C:\WINDOWS\comsetup.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00069882 _____ C:\WINDOWS\msmqinst.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00045046 _____ C:\WINDOWS\ntdtcsetup.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00038988 _____ C:\WINDOWS\netfxocm.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00015300 _____ C:\WINDOWS\MedCtrOC.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00013896 _____ C:\WINDOWS\ocmsn.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00011196 _____ C:\WINDOWS\tabletoc.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00011124 _____ C:\WINDOWS\msgsocm.log
2013-09-11 11:16 - 2013-01-09 22:39 - 00001374 _____ C:\WINDOWS\imsins.log
2013-09-11 11:16 - 2011-11-27 08:52 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2013-09-11 11:16 - 2011-11-26 10:38 - 00000000 ____D C:\WINDOWS\ie8updates
2013-09-11 11:15 - 2011-11-27 08:46 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-09-11 11:11 - 2013-09-11 11:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-11 11:11 - 2013-09-11 06:57 - 00010263 _____ C:\WINDOWS\KB2876315.log
2013-09-11 11:11 - 2013-01-09 22:39 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-09-11 11:10 - 2013-09-11 11:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-11 11:10 - 2013-09-11 11:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-11 11:10 - 2013-09-11 06:57 - 00009633 _____ C:\WINDOWS\KB2876217.log
2013-09-11 11:10 - 2013-09-11 06:57 - 00008719 _____ C:\WINDOWS\KB2864063.log
2013-09-11 11:06 - 2013-08-16 11:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-09-11 11:03 - 2011-11-26 10:31 - 76725432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-09-11 11:03 - 2011-11-25 18:24 - 00000000 ____D C:\Documents and Settings\Vicious
2013-09-11 07:29 - 2013-05-18 19:00 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-09-11 07:29 - 2011-11-26 10:25 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-09-11 06:49 - 2013-09-11 06:49 - 97063418 _____ C:\WINDOWS\system32\슕律L
2013-09-09 08:18 - 2012-04-19 16:49 - 00000000 ____D C:\Documents and Settings\Vicious\Plocha\fotky
2013-09-06 08:49 - 2013-09-06 08:47 - 00000000 ____D C:\AdwCleaner
2013-09-06 08:37 - 2013-09-06 08:37 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-06 08:33 - 2013-09-06 08:33 - 01037222 _____ C:\Documents and Settings\Vicious\Plocha\adwcleaner.exe
2013-09-06 08:31 - 2013-09-06 08:31 - 01028823 _____ (Thisisu) C:\Documents and Settings\Vicious\Plocha\JRT.exe
2013-09-06 06:57 - 2013-09-05 08:07 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-09-06 06:57 - 2013-09-05 08:07 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-09-06 06:50 - 2011-11-25 18:24 - 00000000 ___RD C:\Documents and Settings\Vicious\Dokumenty
2013-09-05 08:14 - 2013-09-05 08:13 - 00000000 ____D C:\rsit
2013-09-05 08:14 - 2011-12-04 13:25 - 00000000 ____D C:\Program Files\trend micro
2013-09-05 08:13 - 2013-09-05 08:13 - 00000000 ____D C:\Documents and Settings\Vicious\Data aplikací\Avira
2013-09-05 08:13 - 2011-11-25 18:24 - 00000000 __RHD C:\Documents and Settings\Vicious\Data aplikací
2013-09-05 08:11 - 2012-08-31 17:22 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-09-05 08:11 - 2011-11-25 18:17 - 00000000 ____D C:\WINDOWS\Registration
2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
2013-09-05 08:10 - 2011-11-25 19:13 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-09-05 08:09 - 2013-09-05 08:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\APN
2013-09-05 08:08 - 2013-09-05 08:08 - 00001707 _____ C:\Documents and Settings\All Users\Plocha\Avira Control Center.lnk
2013-09-05 08:08 - 2013-09-05 08:07 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avira
2013-09-05 08:08 - 2011-11-25 19:13 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-09-05 08:08 - 2011-11-25 19:13 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-09-05 08:07 - 2013-09-05 08:07 - 00000000 ____D C:\Program Files\Avira
2013-09-05 08:06 - 2013-09-05 08:07 - 00028520 _____ (Avira GmbH) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2013-09-05 08:05 - 2013-09-05 08:07 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2013-09-04 17:23 - 2013-02-05 14:58 - 00001813 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2013-09-01 21:24 - 2013-09-01 18:10 - 1740271616 _____ C:\Documents and Settings\Vicious\Plocha\Čtyřlístek-ve-službách-krále,-CZ-2013.avi
2013-08-28 21:31 - 2013-08-28 21:31 - 00004189 _____ C:\WINDOWS\KB2834904-v2.log
2013-08-28 21:31 - 2013-08-28 21:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-28 14:49 - 2013-08-28 14:49 - 00000000 ____D C:\Documents and Settings\Vicious\Plocha\Prater a Valtice
2013-08-28 14:25 - 2013-08-28 14:14 - 00000000 ____D C:\Documents and Settings\Vicious\Plocha\Řecko Rhodos
2013-08-27 10:21 - 2012-05-10 07:01 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-27 09:51 - 2013-03-07 17:36 - 00032740 _____ C:\WINDOWS\setupapi.log
2013-08-27 08:22 - 2013-08-26 11:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-26 11:48 - 2011-11-26 09:47 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-08-16 11:34 - 2013-08-16 11:34 - 00012109 _____ C:\WINDOWS\KB2862772-IE8.log
2013-08-16 11:26 - 2011-11-25 19:14 - 01177836 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-16 11:25 - 2013-08-16 11:25 - 00005195 _____ C:\WINDOWS\KB2863058.log
2013-08-16 11:25 - 2013-08-16 11:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-16 11:25 - 2013-08-16 11:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-16 11:25 - 2013-08-16 11:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-16 11:25 - 2013-08-16 07:21 - 00009066 _____ C:\WINDOWS\KB2850869.log
2013-08-16 11:25 - 2013-08-16 07:20 - 00010859 _____ C:\WINDOWS\KB2859537.log
2013-08-16 11:25 - 2011-12-14 21:12 - 00024020 _____ C:\WINDOWS\system32\TZLog.log
2013-08-16 11:24 - 2013-08-16 11:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
Files to move or delete:
====================
C:\DOCUME~1\Vicious\LOCALS~1\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2008-04-14 09:00] - [2008-04-14 09:00] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\Windows\System32\winlogon.exe
[2008-04-14 09:00] - [2008-04-14 09:00] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\Windows\System32\svchost.exe
[2008-04-14 09:00] - [2008-04-14 09:00] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\Windows\System32\services.exe
[2008-04-14 09:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\Windows\System32\User32.dll
[2008-04-14 09:00] - [2008-04-14 09:00] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\Windows\System32\userinit.exe
[2008-04-14 09:00] - [2008-04-14 09:00] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 09:00] - [2008-04-14 09:00] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
==================== Alternate Data Streams (whitelisted) ====
==================== Loaded Modules (whitelisted) ============
2011-10-07 19:47 - 2011-10-07 19:47 - 00300200 _____ (COMODO) C:\WINDOWS\system32\guard32.dll
2011-05-04 19:54 - 2011-05-04 19:54 - 00551296 _____ (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
2011-11-26 20:12 - 2009-04-20 13:23 - 00123904 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpf3l70w.dll
2011-11-26 20:12 - 2009-04-20 13:23 - 00315904 _____ (Hewlett-Packard Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpfpp70w.dll
2011-11-26 21:50 - 2008-07-06 14:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll
2013-09-05 08:07 - 2013-09-05 08:05 - 00394824 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2013-09-05 08:07 - 2013-09-05 08:04 - 00257536 _____ (The cURL library, http://curl.haxx.se/) C:\Program Files\Avira\AntiVir Desktop\libcurl.dll
2011-11-27 11:15 - 2004-12-13 03:05 - 01523796 _____ (The Firebird Project) C:\Program Files\iolo\Common\Lib\fbembed.dll
2011-09-23 19:37 - 2011-09-23 19:37 - 00047400 _____ (Nero AG) C:\Program Files\Nero\Update\NASvcPS.dll
2010-08-06 12:13 - 2010-08-06 12:13 - 00044032 _____ (Hewlett-Packard) c:\windows\system32\hpzinw12.dll
2011-06-29 18:19 - 2011-06-29 18:19 - 00009032 _____ (O&O Software GmbH) C:\Program Files\OO Software\Defrag\OODAGRS.DLL
2011-07-19 02:02 - 2011-07-19 02:02 - 00113024 _____ (SuperAdBlocker.com) C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
2011-09-20 10:43 - 2011-09-20 10:43 - 02442536 _____ (Nero AG) C:\Program Files\Common Files\Nero\NeroShellExt\NeroShellExt.dll
2011-09-20 10:43 - 2011-09-20 10:43 - 00031528 _____ (Nero AG) C:\Program Files\Common Files\Nero\NeroShellExt\SolutionExplorer.dll
2011-09-20 15:55 - 2011-09-20 15:55 - 00899880 _____ (Nero AG) C:\Program Files\Nero\Nero 11\Nero BackItUp\NBShell.dll
2011-07-19 02:08 - 2011-07-19 02:08 - 00141696 _____ (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL
2011-11-25 19:45 - 2011-03-02 13:40 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2011-11-25 19:45 - 2011-03-31 23:35 - 00331776 _____ () C:\Program Files\WinRAR\rarlng.dll
2011-06-29 18:22 - 2011-06-29 18:22 - 01054536 _____ (O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodsh.dll
2011-06-29 18:20 - 2011-06-29 18:20 - 00316744 _____ (O&O Software GmbH) C:\Program Files\OO Software\Defrag\OODSHRS.DLL
2011-12-03 17:38 - 2011-04-20 17:06 - 00010752 _____ (Fengtao Software Inc.) C:\Program Files\DVDFab 8 Qt\DVDFabShellEx.dll
2011-08-17 09:25 - 2011-08-17 09:25 - 00686400 _____ (DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShl32.dll
2012-01-24 20:23 - 2005-01-19 12:46 - 00135168 _____ (Labtec Inc.) C:\Program Files\Logitech\Video\Namespc2.dll
2012-01-24 20:23 - 2005-01-19 12:24 - 00010240 _____ (Labtec Inc.) C:\Program Files\Logitech\Video\AlbuDBps.dll
2010-08-06 12:13 - 2010-08-06 12:13 - 00053760 _____ (Hewlett-Packard) c:\windows\system32\hpzipm12.dll
2013-01-05 10:42 - 2007-01-17 02:21 - 00622592 ____R (Hewlett-Packard) C:\WINDOWS\system32\hpxp2436.dll
2012-01-24 18:59 - 2008-05-04 18:16 - 00040960 _____ (NewSoft Technology Corporation) C:\Program Files\NewSoft\Presto! PVR\NSImage.dll
2012-01-24 18:59 - 2009-03-24 17:29 - 00049152 _____ (NewSoft Technology Corporation) C:\Program Files\NewSoft\Presto! PVR\ProgramInfo.dll
2005-01-19 12:06 - 2005-01-19 12:06 - 00258048 _____ (Labtec Inc.) C:\WINDOWS\system32\lvmaenum.dll
2005-01-19 12:06 - 2005-01-19 12:06 - 00077824 _____ (Labtec Inc.) C:\WINDOWS\system32\lvcomcx.dll
2012-01-24 20:23 - 2005-01-19 12:19 - 00466944 _____ (Labtec Inc.) C:\Program Files\Logitech\Video\QCUI2.dll
2012-01-24 20:23 - 2005-01-19 12:18 - 00090112 _____ (Labtec Inc.) C:\Program Files\Logitech\Video\LQCUI2.dll
2012-01-24 20:23 - 2005-01-19 12:38 - 00094208 _____ (Labtec Inc.) C:\Program Files\Logitech\Video\LLogTray.dll
2012-01-24 20:23 - 2005-01-19 12:21 - 00008192 _____ (Labtec Inc.) C:\Program Files\Logitech\Video\FXSvrps.dll
2010-08-06 12:13 - 2010-08-06 12:13 - 00034816 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzipr12.dll
2013-08-26 11:53 - 2013-08-26 11:53 - 03551640 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2011-08-17 09:27 - 2011-11-26 21:30 - 04344896 _____ (DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTCommonRes.dll
2011-08-17 09:26 - 2011-08-17 09:26 - 04373824 _____ (DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\Engine.dll
2011-07-26 09:41 - 2011-07-26 09:41 - 00316736 _____ (DT Soft Ltd.) C:\Program Files\DAEMON Tools Pro\ImgEngine.dll
==================== Scheduled Tasks (whitelisted) ===========
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Supplementary Scan (All) ================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\!SASCORE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\ioloSystemService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\!SASCORE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\ioloSystemService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\{1a3e09be-1e45-494b-9174-d7385b45bbf5}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"EnableLinkedConnections"=dword:00000001
"DisableRegistryTools"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=dword:03ffffff
"NoDriveTypeAutoRun"=dword:000001db
"NoDrives"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=dword:00000001
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe:*:Enabled:hpofxs08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe:*:Enabled:hpqfxt08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"="C:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"="C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe:*:Enabled:hpofxs08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe:*:Enabled:hpqfxt08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"="C:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"="C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"="C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MP.exe"="C:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MP.exe:*:Enabled:Wolfenstein(TM)"
"C:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MPLite.exe"="C:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM)"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:Torrent"
"C:\\Documents and Settings\\Vicious\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"="C:\\Documents and Settings\\Vicious\\Local Settings\\Data aplikac\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"="midimap.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msadpcm"="msadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.trspch"="tssoft32.acm"
"vidc.cvid"="iccvid.dll"
"VIDC.I420"="msh263.drv"
"vidc.iv31"="ir32_32.dll"
"vidc.iv32"="ir32_32.dll"
"vidc.iv41"="ir41_32.ax"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVU9"="tsbyuv.dll"
"VIDC.YVYU"="msyuv.dll"
"wavemapper"="msacm32.drv"
"msacm.msg723"="msg723.acm"
"vidc.M263"="msh263.drv"
"vidc.M261"="msh261.drv"
"msacm.msaudio1"="msaud32.acm"
"msacm.sl_anet"="sl_anet.acm"
"msacm.iac2"="C:\\WINDOWS\\system32\\iac25_32.ax"
"vidc.iv50"="ir50_32.dll"
"msacm.l3acm"="C:\\WINDOWS\\system32\\l3codeca.acm"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
"MSVideo8"="VfWWDM32.dll"
"MSVideo"="vfwwdm32.dll"
"msacm.dvacm"="C:\\PROGRA~1\\COMMON~1\\ULEADS~1\\Vio\\Dvacm.acm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP]
"wave"="rdpsnd.dll"
"mixer"="rdpsnd.dll"
"MaxBandwidth"=dword:000056b9
"wavemapper"="msacm32.drv"
"EnableMP3Codec"=dword:00000001
"midimapper"="midimap.dll"
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:74.52 GB) (Free:4.1 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (H) (Fixed) (Total:149.05 GB) (Free:17.08 GB) NTFS
Available physical RAM: 1141.33 MB
Total physical RAM: 1791.23 MB
Percentage of memory in use: 36%
==================== MBR and Partition Table =================
Disk: 0 (Size: 149 GB) (Disk ID: 349955F7)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
Disk: 1 (Size: 75 GB) (Disk ID: E916E916)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
==================== End Of Log ==============================
Re: Prosím o kontrolu
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start HKLM\...\Policies\Explorer: [NoDrives] 0 HKCU\...\Policies\Explorer: [NoDrives] 0 SearchScopes: HKLM - DefaultScope value is missing. BHO: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File 2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Program Files\AskPartnerNetwork 2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork 2013-09-05 08:09 - 2013-09-05 08:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\APN R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Hosts: CMD: shutdown /r /f /t 2 End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-09-2013 02
Ran by Vicious at 2013-09-21 08:38:59 Run:1
Running from C:\Documents and Settings\Vicious\Plocha
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Policies\Explorer: [NoDrives] 0
SearchScopes: HKLM - DefaultScope value is missing.
BHO: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
2013-09-05 08:09 - 2013-09-05 08:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\APN
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDrives => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDrives => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7} => Key deleted successfully.
HKCR\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-00A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => Value deleted successfully.
HKCR\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => Key not found.
C:\Program Files\AskPartnerNetwork => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\APN => Moved successfully.
APNMCP => Service deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
The system needs a manual reboot.
==== End of Fixlog ====
Ran by Vicious at 2013-09-21 08:38:59 Run:1
Running from C:\Documents and Settings\Vicious\Plocha
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Policies\Explorer: [NoDrives] 0
SearchScopes: HKLM - DefaultScope value is missing.
BHO: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-05 08:10 - 2013-09-05 08:10 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
2013-09-05 08:09 - 2013-09-05 08:09 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\APN
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDrives => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDrives => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7} => Key deleted successfully.
HKCR\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-00A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => Value deleted successfully.
HKCR\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => Key not found.
C:\Program Files\AskPartnerNetwork => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\APN => Moved successfully.
APNMCP => Service deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
The system needs a manual reboot.
==== End of Fixlog ====
Re: Prosím o kontrolu
Tak jeste uklidime 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Vše ok. Děkuji.
Re: Prosím o kontrolu
Zase nekdy 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?