General problem with Windows

sniper-ll
Visitor
Posts: 8
Registered: 17 Aug 2008 00:18

#1 Post by sniper-ll »

Hi. I've been living with these problems for about a year, but I couldn't leave it alone any longer. For example, I can't manage the registry (only as administrator in safe mode - my profile is a PC administrator), and I can't get into the folder with the firewall, nor can I manage it. Etc. etc.

HJT:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:52, on 2010-11-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tunngle\TnglCtrl.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Karel\Data aplikací\QipGuard\QipGuard.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Karel\Plocha\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aramayapalim.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O1 - Hosts: ::1 servserv.generals.ea.com
O1 - Hosts: ::1 mangler1.generals.ea.com
O1 - Hosts: ::1 mangler2.generals.ea.com
O1 - Hosts: ::1 mangler3.generals.ea.com
O1 - Hosts: ::1 mangler4.generals.ea.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [FortKnoxPersonalFirewall] "C:\Program Files\NETGATE\Internet Security\FortKnox Personal Firewall\FortKnoxGUI.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\Karel\Data aplikací\QipGuard\QipGuard.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Philips Media Manager.lnk = C:\Program Files\Philips\Media Manager\Philips Media Manager.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &search - ?p=ZKman000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Karel\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Karel\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512b-b978-451d-a0d8-fcfdf33e833c} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5148918828
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://play.battlefield-heroes.com/sta ... 0.15.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player ... taller.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Plánovač automatické aktualizace LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O23 - Service: ZwangiSrch Service - Unknown owner - C:\Documents and Settings\All Users\Data aplikací\ZwangiSrch\zwangi151.exe (file missing)

--
End of file - 13437 bytes

sniper-ll
Visitor
Posts: 8
Registered: 17 Aug 2008 00:18

Re: General problem with Windows

#2 Post by sniper-ll »

and RSIT (which is probably HJT, but never mind):

Logfile of random's system information tool 1.08 (written by random/random)
Run by Karel at 2010-11-12 19:00:00
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 16 GB (7%) free of 232 GB
Total RAM: 2047 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:00, on 2010-11-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tunngle\TnglCtrl.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Karel\Data aplikací\QipGuard\QipGuard.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Karel\Plocha\HijackThis.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Karel\Plocha\RSIT.exe
C:\Documents and Settings\Karel\Plocha\RSIT.exe
C:\Program Files\trend micro\Karel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aramayapalim.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O1 - Hosts: ::1 servserv.generals.ea.com
O1 - Hosts: ::1 mangler1.generals.ea.com
O1 - Hosts: ::1 mangler2.generals.ea.com
O1 - Hosts: ::1 mangler3.generals.ea.com
O1 - Hosts: ::1 mangler4.generals.ea.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [FortKnoxPersonalFirewall] "C:\Program Files\NETGATE\Internet Security\FortKnox Personal Firewall\FortKnoxGUI.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\Karel\Data aplikací\QipGuard\QipGuard.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Philips Media Manager.lnk = C:\Program Files\Philips\Media Manager\Philips Media Manager.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &search - ?p=ZKman000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Karel\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Karel\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512b-b978-451d-a0d8-fcfdf33e833c} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5148918828
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://play.battlefield-heroes.com/sta ... 0.15.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player ... taller.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Plánovač automatické aktualizace LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O23 - Service: ZwangiSrch Service - Unknown owner - C:\Documents and Settings\All Users\Data aplikací\ZwangiSrch\zwangi151.exe (file missing)

--
End of file - 13905 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\PCConfidential.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll [2010-06-09 45568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 138240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 138240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-06-07 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-30 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-06-07 2403392]
{E0E899AB-F487-11D5-8D29-0050BA6940E3}
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-04-30 185896]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-10-19 98304]
"FortKnoxPersonalFirewall"=C:\Program Files\NETGATE\Internet Security\FortKnox Personal Firewall\FortKnoxGUI.exe []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"QIP Internet Guardian"=C:\Documents and Settings\Karel\Data aplikací\QipGuard\QipGuard.exe [2010-06-09 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-10-19 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-18 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\iifcBrsT
"notification packages"=
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe"="C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:CyberLink PowerCinema"
"C:\Program Files\CyberLink\PowerCinema\PCMService.exe"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\Program Files\Philips\Media Manager\Philips Media Manager.exe"="C:\Program Files\Philips\Media Manager\Philips Media Manager.exe:*:Enabled:Philips Media Management for your Media Devices"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Disabled:ICQ6"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\Program Files\Steam\steamapps\nekro360\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\nekro360\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\hry\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\hry\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\Program Files\Steam\steamapps\nekro360\source sdk base\hl2.exe"="C:\Program Files\Steam\steamapps\nekro360\source sdk base\hl2.exe:*:Enabled:hl2"
"C:\hry\HD Publishing\Joint Task Force\jtf.exe"="C:\hry\HD Publishing\Joint Task Force\jtf.exe:*:Enabled:jtf"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\hry\Call of Duty Game of the Year Edition\CoDUOMP.exe"="C:\hry\Call of Duty Game of the Year Edition\CoDUOMP.exe:*:Enabled:CoDUOMP"
"C:\hry\Call of Duty Game of the Year Edition\CoDMP.exe"="C:\hry\Call of Duty Game of the Year Edition\CoDMP.exe:*:Enabled:CoDMP"
"C:\hry\Panzer Elite Action\Panzer Elite Action\pea.exe"="C:\hry\Panzer Elite Action\Panzer Elite Action\pea.exe:*:Enabled:pea"
"C:\hry\Ubisoft\Ghost Recon Advanced Warfighter 2\graw2.exe"="C:\hry\Ubisoft\Ghost Recon Advanced Warfighter 2\graw2.exe:*:Enabled:Ghost Recon Advanced Warfighter® 2"
"C:\Documents and Settings\Karel\Plocha\Hry\Hry\3006-cs2d\CounterStrike2D.exe"="C:\Documents and Settings\Karel\Plocha\Hry\Hry\3006-cs2d\CounterStrike2D.exe:*:Enabled:CounterStrike2D"
"C:\Documents and Settings\Karel\Plocha\Hry\Hry\Counter-Strike 1.6-condition zero\hl.exe"="C:\Documents and Settings\Karel\Plocha\Hry\Hry\Counter-Strike 1.6-condition zero\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Opera\Opera.exe"="C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Steam\steamapps\common\midnight club 2\mc2.exe"="C:\Program Files\Steam\steamapps\common\midnight club 2\mc2.exe:*:Enabled:mc2"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\hry\TmNationsForever\TmForever.exe"="C:\hry\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Steam\steamapps\nekro360\half-life 2 deathmatch\hl2.exe"="C:\Program Files\Steam\steamapps\nekro360\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Steam\steamapps\nekro360\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\nekro360\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\hry\Ubisoft\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe"="C:\hry\Ubisoft\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:*:Enabled:R6Vegas2_Game"
"C:\Documents and Settings\Karel\Plocha\Hry\Hry\Unreal Tournament\System\UnrealTournament.exe"="C:\Documents and Settings\Karel\Plocha\Hry\Hry\Unreal Tournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament"
"C:\Program Files\Steam\steamapps\nekro360\day of defeat source beta\hl2.exe"="C:\Program Files\Steam\steamapps\nekro360\day of defeat source beta\hl2.exe:*:Enabled:hl2"
"C:\Documents and Settings\Karel\Plocha\Hry\Hry\LieroX v0.56 Pack 1.9\LieroX.exe"="C:\Documents and Settings\Karel\Plocha\Hry\Hry\LieroX v0.56 Pack 1.9\LieroX.exe:*:Enabled:LieroX"
"C:\hry\Half-Life 2\hl2.exe"="C:\hry\Half-Life 2\hl2.exe:*:Disabled:hl2"
"C:\hry\VUGames\SWAT 4\ContentExpansion\System\Swat4X.exe"="C:\hry\VUGames\SWAT 4\ContentExpansion\System\Swat4X.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate"
"C:\hry\VUGames\SWAT 4\ContentExpansion\System\Swat4XDedicatedServer.exe"="C:\hry\VUGames\SWAT 4\ContentExpansion\System\Swat4XDedicatedServer.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate dedikovaný server"
"C:\hry\OniGames\EuroCops\Bin\EuroCops.exe"="C:\hry\OniGames\EuroCops\Bin\EuroCops.exe:*:Enabled:Game Application"
"C:\hry\Counter-Strike\hl.exe"="C:\hry\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\hry\Ubisoft\Rainbow Six Vegas\Binaries\R6Vegas_Game.exe"="C:\hry\Ubisoft\Rainbow Six Vegas\Binaries\R6Vegas_Game.exe:*:Enabled:R6Vegas_Game"
"C:\Program Files\LowRateVoip\LowRateVoip.exe"="C:\Program Files\LowRateVoip\LowRateVoip.exe:*:Enabled:LowRateVoip"
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe"="C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II"
"C:\Westwood\RA2\GAME.EXE"="C:\Westwood\RA2\GAME.EXE:*:Enabled:Main executable for Red Alert 2"
"C:\Program Files\Activision\Call of Duty - World at War Beta\CoDWaWbeta.exe"="C:\Program Files\Activision\Call of Duty - World at War Beta\CoDWaWbeta.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"C:\Program Files\RndLabs\BaboViolent 2\BaboViolent2.exe"="C:\Program Files\RndLabs\BaboViolent 2\BaboViolent2.exe:*:Enabled:BaboViolent2"
"C:\Program Files\America's Army\System\ArmyOps.exe"="C:\Program Files\America's Army\System\ArmyOps.exe:*:Enabled:ArmyOps"
"C:\hry\VUGames\SWAT 4\Content\System\Swat4.exe"="C:\hry\VUGames\SWAT 4\Content\System\Swat4.exe:*:Enabled:SWAT 4"
"C:\hry\Strategy First\Strike Fighters - Project 1\FlightSim.exe"="C:\hry\Strategy First\Strike Fighters - Project 1\FlightSim.exe:*:Enabled:FlightSim"
"C:\hry\Warcraft III\Warcraft III.exe"="C:\hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Documents and Settings\Karel\Plocha\X-Plane 9 Demo\X-Plane.exe"="C:\Documents and Settings\Karel\Plocha\X-Plane 9 Demo\X-Plane.exe:*:Enabled:X-Plane"
"C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe"="C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Enabled:biahh"
"C:\hry\Wings Over Vietnam\WOV.exe"="C:\hry\Wings Over Vietnam\WOV.exe:*:Enabled:Wings Over Vietnam"
"C:\Program Files\Wings Over Europe\WOE.exe"="C:\Program Files\Wings Over Europe\WOE.exe:*:Enabled:Wings Over Europe"
"C:\Program Files\Air Conflicts\ac.exe"="C:\Program Files\Air Conflicts\ac.exe:*:Enabled:ac"
"C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\hry\FlightGear\bin\Win32\fgfs.exe"="C:\hry\FlightGear\bin\Win32\fgfs.exe:*:Enabled:fgfs"
"C:\Program Files\Rocket Racer\RocketRacer.exe"="C:\Program Files\Rocket Racer\RocketRacer.exe:*:Enabled:RocketRacer"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Documents and Settings\Karel\Launcher.atm"="C:\Documents and Settings\Karel\Launcher.atm:Enabled:GameExe2"
"C:\Documents and Settings\Karel\Res-Voip\SCVoIP.exe"="C:\Documents and Settings\Karel\Res-Voip\SCVoIP.exe:Enabled:GameVoIP"
"C:\Program Files\SubaGames\ACEonline\Launcher.atm"="C:\Program Files\SubaGames\ACEonline\Launcher.atm:Enabled:GameExe2"
"C:\Program Files\SubaGames\ACEonline\Res-Voip\SCVoIP.exe"="C:\Program Files\SubaGames\ACEonline\Res-Voip\SCVoIP.exe:Enabled:GameVoIP"
"C:\Program Files\IVAO\IvAp\ivapnetint.exe"="C:\Program Files\IVAO\IvAp\ivapnetint.exe:*:Enabled:ivapnetint"
"C:\hry\TmNationsForeverr\TmForever.exe"="C:\hry\TmNationsForeverr\TmForever.exe:*:Enabled:TmForever"
"C:\hry\Bohemia Interactive\ArmA\arma.exe"="C:\hry\Bohemia Interactive\ArmA\arma.exe:*:Enabled:ArmA"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Steam\steam.exe"="C:\Program Files\Steam\steam.exe:*:Enabled:Steam 732897"
"C:\hry\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe"="C:\hry\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
"C:\hry\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Online\System\SCDA_online.exe"="C:\hry\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Online\System\SCDA_online.exe:*:Enabled:SCDA_online"
"C:\Program Files\Steam\steamapps\common\operations flashpoint dragon rising - demo\OFDR Demo.exe"="C:\Program Files\Steam\steamapps\common\operations flashpoint dragon rising - demo\OFDR Demo.exe:*:Enabled:OFDR Demo"
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\TCSB.exe"="C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\TCSB.exe:*:Enabled:TC Server Browser for Tunngle"
"C:\Program Files\Steam\steamapps\czsnipik\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\czsnipik\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\czsnipik\synergy\hl2.exe"="C:\Program Files\Steam\steamapps\czsnipik\synergy\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\czsnipik\diprip warm up\hl2.exe"="C:\Program Files\Steam\steamapps\czsnipik\diprip warm up\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\czsnipik\smashball\hl2.exe"="C:\Program Files\Steam\steamapps\czsnipik\smashball\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\common\wings of prey demo\acess.exe"="C:\Program Files\Steam\steamapps\common\wings of prey demo\acess.exe:*:Enabled:acess"
"C:\Program Files\Steam\steamapps\czsnipik\counter-strike beta\hl.exe"="C:\Program Files\Steam\steamapps\czsnipik\counter-strike beta\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\czsnipik\half-life blue shift\hl.exe"="C:\Program Files\Steam\steamapps\czsnipik\half-life blue shift\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\czsnipik\source sdk base\hl2.exe"="C:\Program Files\Steam\steamapps\czsnipik\source sdk base\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Ubisoft\Transmission Games\Heroes Over Europe\heroes2.exe"="C:\Program Files\Ubisoft\Transmission Games\Heroes Over Europe\heroes2.exe:*:Enabled:heroes2"
"C:\Documents and Settings\Karel\Plocha\Rollercoaster Tycoon.part1\Rollercoaster Tycoon\Čeština\RCT.EXE"="C:\Documents and Settings\Karel\Plocha\Rollercoaster Tycoon.part1\Rollercoaster Tycoon\Čeština\RCT.EXE:*:Enabled:RCT"
"C:\hry\Hasbro Interactive\RollerCoaster Tycoon\RCT.EXE"="C:\hry\Hasbro Interactive\RollerCoaster Tycoon\RCT.EXE:*:Enabled:RCT"
"C:\hry\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe"="C:\hry\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe:*:Enabled:Battlefield Bad Company 2 - BETA"
"C:\hry\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2Game.exe"="C:\hry\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2Game.exe:*:Enabled:EA Battlefield: Bad Company™ 2 - BETA"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Condor\Condor.exe"="C:\Program Files\Condor\Condor.exe:*:Enabled:Condor"
"C:\Program Files\FPSCORE Metro\fpscore.exe"="C:\Program Files\FPSCORE Metro\fpscore.exe:*:Enabled:fpscore"
"C:\Program Files\Steam\steamapps\common\modern warfare 2 infamy trailer\smp.exe"="C:\Program Files\Steam\steamapps\common\modern warfare 2 infamy trailer\smp.exe:*:Enabled:Modern Warfare 2 Infamy Trailer"
"C:\Program Files\Steam\steamapps\common\aliens vs. predator classic 2000 trailer\smp.exe"="C:\Program Files\Steam\steamapps\common\aliens vs. predator classic 2000 trailer\smp.exe:*:Enabled:Aliens vs. Predator Classic 2000 Trailer"
"C:\Program Files\Ubisoft\Tom Clancy's EndWar\Binaries\EndWar.exe"="C:\Program Files\Ubisoft\Tom Clancy's EndWar\Binaries\EndWar.exe:*:Enabled:Tom Clancy's EndWar"
"C:\Program Files\Ubisoft\Tom Clancy's EndWar\Tom Clancy's EndWar Launcher.exe"="C:\Program Files\Ubisoft\Tom Clancy's EndWar\Tom Clancy's EndWar Launcher.exe:*:Enabled:Tom Clancy's EndWar Launcher"
"C:\hry\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe"="C:\hry\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe:*:Enabled:il2fb"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\Karel\temp\TeamViewer\Version4\TeamViewer.exe"="C:\Documents and Settings\Karel\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======File associations======

.txt - open - notepad.exe %1

======List of files/folders created in the last 1 months======

2010-11-12 18:58:54 ----D---- C:\rsit
2010-11-12 18:58:54 ----D---- C:\Program Files\trend micro
2010-11-12 18:13:09 ----A---- C:\WINDOWS\ntbtlog.txt
2010-11-12 15:52:28 ----D---- C:\Program Files\2K Games
2010-11-12 13:51:38 ----D---- C:\Documents and Settings\Karel\Data aplikací\OnLive App
2010-11-11 15:06:45 ----A---- C:\WINDOWS\system32\PAStiSvc.exe
2010-11-11 15:05:45 ----D---- C:\WINDOWS\PixArt
2010-11-11 15:05:45 ----D---- C:\WINDOWS\Album
2010-11-11 15:05:45 ----D---- C:\Program Files\VideoCAM GE111
2010-11-11 15:05:45 ----D---- C:\Program Files\Common Files\PCCamera
2010-11-11 14:41:36 ----D---- C:\Program Files\FreeTrack
2010-11-10 17:53:56 ----D---- C:\Program Files\Taz-Mania
2010-11-10 17:24:07 ----D---- C:\Program Files\Comix Zone
2010-11-09 22:26:10 ----D---- C:\Program Files\ICQ6Toolbar
2010-11-09 22:24:21 ----D---- C:\Program Files\ICQ7.2
2010-11-04 17:00:53 ----A---- C:\WINDOWS\game.ini
2010-10-30 19:41:24 ----D---- C:\Documents and Settings\Karel\Data aplikací\Need for Speed World
2010-10-30 14:51:13 ----D---- C:\Documents and Settings\Karel\Data aplikací\QipGuard
2010-10-14 20:44:44 ----D---- C:\Documents and Settings\Karel\Data aplikací\BSplayer Pro
2010-10-14 20:44:44 ----D---- C:\Documents and Settings\Karel\Data aplikací\BSplayer
2010-10-14 20:44:43 ----D---- C:\Program Files\Webteh
2010-10-14 20:41:58 ----D---- C:\Documents and Settings\Karel\Data aplikací\Style Jukebox Settings
2010-10-14 12:36:22 ----D---- C:\Program Files\Fire Department 3
2010-10-14 12:20:33 ----D---- C:\Program Files\sixteen tons entertainment
2010-10-14 08:38:48 ----D---- C:\Documents and Settings\Karel\Data aplikací\HU2011
2010-10-14 08:22:53 ----D---- C:\Program Files\Hunting Unlimited 2011

======List of files/folders modified in the last 1 months======

2010-11-12 18:58:54 ----D---- C:\Program Files
2010-11-12 18:45:56 ----D---- C:\WINDOWS\temp
2010-11-12 18:45:45 ----D---- C:\WINDOWS
2010-11-12 18:42:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-12 18:37:04 ----HD---- C:\WINDOWS\inf
2010-11-12 18:37:03 ----D---- C:\WINDOWS\system32\CatRoot
2010-11-12 18:36:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-12 18:25:12 ----D---- C:\WINDOWS\Prefetch
2010-11-12 18:20:43 ----D---- C:\Documents and Settings
2010-11-12 18:17:31 ----D---- C:\WINDOWS\system32
2010-11-12 18:17:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-12 18:16:57 ----D---- C:\WINDOWS\Help
2010-11-12 18:15:43 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-12 16:39:14 ----SHD---- C:\WINDOWS\Installer
2010-11-12 16:38:01 ----RSD---- C:\WINDOWS\assembly
2010-11-12 16:37:38 ----D---- C:\WINDOWS\system32\DirectX
2010-11-12 16:25:28 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-12 16:25:23 ----D---- C:\hry
2010-11-12 16:09:28 ----D---- C:\Program Files\Microsoft Works
2010-11-12 16:09:27 ----D---- C:\Program Files\Power Sound Editor Free
2010-11-12 16:09:23 ----D---- C:\Program Files\USDownloader
2010-11-12 16:09:22 ----D---- C:\Program Files\Xvid
2010-11-12 16:09:22 ----D---- C:\Program Files\TVUPlayer
2010-11-12 16:09:21 ----D---- C:\Program Files\Windows Media Connect 2
2010-11-12 16:09:20 ----D---- C:\Program Files\Steam
2010-11-12 16:09:18 ----D---- C:\Program Files\DivX
2010-11-12 16:09:17 ----D---- C:\Program Files\Ask.com
2010-11-12 14:49:21 ----D---- C:\ModMan
2010-11-12 10:08:41 ----D---- C:\Documents and Settings\Karel\Data aplikací\OpenOffice.org2
2010-11-12 02:03:10 ----D---- C:\Documents and Settings\Karel\Data aplikací\Skype
2010-11-11 19:23:12 ----D---- C:\Documents and Settings\Karel\Data aplikací\Xfire
2010-11-11 17:25:57 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-11-11 16:34:55 ----SD---- C:\Program Files\Xfire
2010-11-11 16:29:45 ----D---- C:\Documents and Settings\Karel\Data aplikací\skypePM
2010-11-11 15:20:12 ----A---- C:\WINDOWS\win.ini
2010-11-11 15:16:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-11-11 15:05:45 ----D---- C:\WINDOWS\twain_32
2010-11-11 15:05:45 ----D---- C:\WINDOWS\system32\drivers
2010-11-11 15:05:45 ----D---- C:\Program Files\Common Files
2010-11-11 14:59:20 ----D---- C:\WINDOWS\Downloaded Installations
2010-11-10 15:59:34 ----D---- C:\Documents and Settings\Karel\Data aplikací\ICQ
2010-11-09 22:26:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-11-09 22:24:36 ----D---- C:\Documents and Settings\Karel\Data aplikací\Canon
2010-11-07 20:47:30 ----D---- C:\Documents and Settings\Karel\Data aplikací\Tunngle
2010-11-04 22:06:18 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-10-31 15:17:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2010-10-30 14:50:55 ----D---- C:\Program Files\QIP
2010-10-28 23:06:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-22 13:51:12 ----D---- C:\Program Files\Eagle Dynamics
2010-10-21 18:02:52 ----RD---- C:\Filmy
2010-10-14 14:16:24 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-14 10:36:15 ----D---- C:\WINDOWS\WinSxS
2010-10-14 10:35:52 ----D---- C:\WINDOWS\system32\en-us
2010-10-14 10:35:45 ----D---- C:\Program Files\Microsoft.NET
2010-10-14 08:03:40 ----D---- C:\Program Files\Mozilla Firefox
2010-10-13 05:35:26 ----D---- C:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-03 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-03 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-03 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-03 43008]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2004-08-18 13952]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\SYSTEM32\DRIVERS\IASTOR.SYS [2006-05-11 247808]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-09-03 115680]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-03 41088]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-04-12 716272]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 42240]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-03-14 46652]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-11-01 20747]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-03-24 165376]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-03-24 18048]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-18 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-10-19 4415488]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-09-14 179200]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-02-16 4156416]
R3 MouseCap;MouseCapture Driver; C:\WINDOWS\System32\Drivers\MouseCap.sys [2005-08-08 6640]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-03-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2004-04-01 10368]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 SaiH353e;SaiH353E; C:\WINDOWS\system32\DRIVERS\SaiH353e.sys [2007-05-01 132232]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-18 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-18 20480]
S1 a00d8096;a00d8096; C:\WINDOWS\System32\drivers\a00d8096.sys []
S1 CXAVSAUD;Prolink 2388x Audio Capture; C:\WINDOWS\system32\DRIVERS\pvavsaud.sys [2006-10-11 9984]
S1 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
S1 SpyEmrg;Spy Emergency Driver; C:\WINDOWS\System32\Drivers\spyemrg.sys []
S2 CX23880;Prolink 23880 Video Capture; C:\WINDOWS\system32\drivers\pv88vid.sys [2006-06-01 244352]
S2 NPF;WinPcap Packet Driver (NPF); C:\WINDOWS\system32\drivers\NPF.sys []
S2 PVTUNE;Prolink 2388x Tuner; C:\WINDOWS\system32\drivers\pv88TUNE.sys [2006-06-01 32256]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 av1wdng7;av1wdng7; C:\WINDOWS\system32\drivers\av1wdng7.sys []
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-18 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-18 71552]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 eaglent;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-18 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2007-11-29 16896]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2007-11-29 19328]
S3 PAC207;VideoCAM GE111; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pvavSTS;Prolink 2388x AVStream TS Capture; C:\WINDOWS\system32\drivers\pvavsts.sys [2006-06-01 16768]
S3 pvavXBAR;Prolink 2388x AVStream Crossbar; C:\WINDOWS\system32\drivers\pvavxbar.sys [2006-06-01 11520]
S3 PVBDATUNE;Prolink BDA DVB Tuner/Demod; C:\WINDOWS\system32\drivers\PVBDAtun.sys [2006-06-01 104320]
S3 rspSanity;rspSanity; C:\WINDOWS\system32\DRIVERS\rspSanity32.sys [2009-03-07 30136]
S3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-03-09 366080]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\screamingbdriver.sys [2005-11-20 13824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 sony_ssm.sys;sony_ssm.sys; \??\C:\DOCUME~1\Karel\LOCALS~1\Temp\sony_ssm.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 8064]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 8064]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-09-24 29184]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S3 XDva358;XDva358; \??\C:\WINDOWS\system32\XDva358.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-10-19 602112]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2006-08-29 270434]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2006-08-29 122976]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe [2006-08-29 1073152]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2006-05-11 90112]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-15 153376]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 Plánovač automatické aktualizace LiveUpdate;Plánovač automatické aktualizace LiveUpdate; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-01-29 554616]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-11-04 75064]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-02-13 685816]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2007-11-22 122880]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-08-22 520192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 PowerManager;Power Manager; C:\WINDOWS\svchost.exe [2001-08-24 36352]
S2 ZwangiSrch Service;ZwangiSrch Service; C:\Documents and Settings\All Users\Data aplikací\ZwangiSrch\zwangi151.exe C:\Program Files\ZwangiSrch\zwangi.dll Service []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-27 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-30 183280]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-02-17 2736890]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

sniper-ll
Visitor
Posts: 8
Registered: 17 Aug 2008 00:18

Re: General problem with Windows

#3 Post by sniper-ll »

And also ComboFix:

ComboFix 10-11-12.01 - Karel 2010-11-12 19:12:54.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.2047.1342 [GMT 1:00]
Spuštěný z: c:\documents and settings\Karel\Plocha\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Karel\DokumentyMnF0Mi_save2pc.exe
C:\Install.exe
C:\Thumbs.db
c:\windows\svchost.exe
c:\windows\system32\_004720_.tmp.dll
c:\windows\system32\_004721_.tmp.dll
c:\windows\system32\_004722_.tmp.dll
c:\windows\system32\_004723_.tmp.dll
c:\windows\system32\_004730_.tmp.dll
c:\windows\system32\_004731_.tmp.dll
c:\windows\system32\_004732_.tmp.dll
c:\windows\system32\_004733_.tmp.dll
c:\windows\system32\_004735_.tmp.dll
c:\windows\system32\_004736_.tmp.dll
c:\windows\system32\_004739_.tmp.dll
c:\windows\system32\_004740_.tmp.dll
c:\windows\system32\_004742_.tmp.dll
c:\windows\system32\_004743_.tmp.dll
c:\windows\system32\_004744_.tmp.dll
c:\windows\system32\_004746_.tmp.dll
c:\windows\system32\_004747_.tmp.dll
c:\windows\system32\_004748_.tmp.dll
c:\windows\system32\_004749_.tmp.dll
c:\windows\system32\_004750_.tmp.dll
c:\windows\system32\_004754_.tmp.dll
c:\windows\system32\_004755_.tmp.dll
c:\windows\system32\_004757_.tmp.dll
c:\windows\system32\_004760_.tmp.dll
c:\windows\system32\_004762_.tmp.dll
c:\windows\system32\_004763_.tmp.dll
c:\windows\system32\_004764_.tmp.dll
c:\windows\system32\_004765_.tmp.dll
c:\windows\system32\_004766_.tmp.dll
c:\windows\system32\_004769_.tmp.dll
c:\windows\system32\_004770_.tmp.dll
c:\windows\system32\_004771_.tmp.dll
c:\windows\system32\_004772_.tmp.dll
c:\windows\system32\_004773_.tmp.dll
c:\windows\system32\_004778_.tmp.dll
c:\windows\system32\Ijl11.dll
c:\windows\system32\mcrh.tmp
c:\windows\system32\vbpng1.dll
c:\windows\system32\WanPacket.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_mywebsearchservice
-------\Legacy_NPF
-------\Legacy_POWERMANAGER
-------\Legacy_ZWANGISRCH_SERVICE
-------\Service_NPF
-------\Service_PowerManager
-------\Service_ZwangiSrch Service


((((((((((((((((((((((((( Soubory vytvořené od 2010-10-12 do 2010-11-12 )))))))))))))))))))))))))))))))
.

2010-11-12 17:58 . 2010-11-12 18:00 -------- d-----w- c:\program files\trend micro
2010-11-12 17:58 . 2010-11-12 17:58 -------- d-----w- C:\rsit
2010-11-12 17:13 . 2010-11-12 17:14 -------- d-----w- c:\documents and settings\Administrator
2010-11-12 17:09 . 2010-11-12 17:09 0 ----a-w- c:\documents and settings\Karel\ntuser.tmp
2010-11-12 14:52 . 2010-11-12 14:52 -------- d-----w- c:\program files\2K Games
2010-11-12 12:51 . 2010-11-12 13:03 -------- d-----w- c:\documents and settings\Karel\Data aplikací\OnLive App
2010-11-11 16:50 . 2010-11-11 16:51 98510 ----a-w- c:\program files\Microsoft Games\Flight Simulator 9\Uninstall.exe
2010-11-11 14:06 . 2005-01-14 08:32 53248 ----a-w- c:\windows\system32\PAStiSvc.exe
2010-11-11 14:05 . 2010-11-11 14:16 -------- d-----w- c:\windows\Album
2010-11-11 14:05 . 2010-11-11 14:05 -------- d-----w- c:\windows\PixArt
2010-11-11 14:05 . 2010-11-11 14:05 -------- d-----w- c:\program files\VideoCAM GE111
2010-11-11 14:05 . 2010-11-11 14:05 -------- d-----w- c:\program files\Common Files\PCCamera
2010-11-11 13:41 . 2010-11-11 14:16 -------- d-----w- c:\program files\FreeTrack
2010-11-10 16:53 . 2010-11-10 16:53 -------- d-----w- c:\program files\Taz-Mania
2010-11-10 16:24 . 2010-11-10 16:24 -------- d-----w- c:\program files\Comix Zone
2010-11-09 21:26 . 2010-11-09 21:26 -------- d-----w- c:\program files\ICQ6Toolbar
2010-11-09 21:24 . 2010-11-09 21:24 -------- d-----w- c:\documents and settings\Karel\Local Settings\Data aplikací\AOL
2010-11-09 21:24 . 2010-11-09 21:26 -------- d-----w- c:\program files\ICQ7.2
2010-10-30 18:41 . 2010-10-30 18:41 -------- d-----w- c:\documents and settings\Karel\Data aplikací\Need for Speed World
2010-10-30 18:02 . 2010-10-30 18:02 -------- d-----w- c:\documents and settings\Karel\Local Settings\Data aplikací\Electronic_Arts_Inc
2010-10-30 13:51 . 2010-10-30 13:51 -------- d-----w- c:\documents and settings\Karel\Data aplikací\QipGuard
2010-10-30 13:51 . 2010-06-09 15:54 45568 ----a-w- c:\documents and settings\Karel\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
2010-10-14 19:44 . 2010-10-14 20:54 -------- d-----w- c:\documents and settings\Karel\Data aplikací\BSplayer
2010-10-14 19:44 . 2010-10-14 19:44 -------- d-----w- c:\documents and settings\Karel\Data aplikací\BSplayer Pro
2010-10-14 19:44 . 2010-10-14 19:44 -------- d-----w- c:\program files\Webteh
2010-10-14 19:41 . 2010-10-14 19:41 -------- d-----w- c:\documents and settings\Karel\Data aplikací\Style Jukebox Settings
2010-10-14 11:36 . 2010-10-27 09:26 -------- d-----w- c:\program files\Fire Department 3
2010-10-14 11:20 . 2010-10-14 11:33 -------- d-----w- c:\program files\sixteen tons entertainment
2010-10-14 07:38 . 2010-10-14 07:45 -------- d-----w- c:\documents and settings\Karel\Data aplikací\HU2011
2010-10-14 07:22 . 2010-10-14 07:48 -------- d-----w- c:\program files\Hunting Unlimited 2011

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-11 16:25 . 2009-03-27 19:20 233960 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-11-11 16:25 . 2008-02-06 20:33 233960 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-11-11 16:07 . 2008-02-06 20:33 138520 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-11-04 21:06 . 2008-02-06 20:32 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-11-04 16:01 . 2008-04-27 19:59 22328 ----a-w- c:\documents and settings\Karel\Data aplikací\PnkBstrK.sys
2010-09-15 15:18 . 2010-10-05 12:29 2601752 ----a-w- c:\windows\system32\pbsvc_moh.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 13:23 1385864 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"="c:\documents and settings\Karel\Data aplikací\QipGuard\QipGuard.exe" [2010-06-09 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-30 185896]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-10-19 98304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Philips Media Manager.lnk - c:\program files\Philips\Media Manager\Philips Media Manager.exe [2006-11-1 136704]

c:\documents and settings\Administrator.N-8C1C70A63A0A4\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Philips Media Manager.lnk - c:\program files\Philips\Media Manager\Philips Media Manager.exe [2006-11-1 136704]

c:\documents and settings\Default User\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Philips Media Manager.lnk - c:\program files\Philips\Media Manager\Philips Media Manager.exe [2006-11-1 136704]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"=
"c:\\Program Files\\Philips\\Media Manager\\Philips Media Manager.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\hry\\Ubisoft\\Ghost Recon Advanced Warfighter 2\\graw2.exe"=
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=
"c:\\Program Files\\IVAO\\IvAp\\ivapnetint.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\czsnipik\\team fortress 2\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\czsnipik\\synergy\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\czsnipik\\counter-strike beta\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\czsnipik\\half-life blue shift\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\czsnipik\\source sdk base\\hl2.exe"=
"c:\\hry\\Hasbro Interactive\\RollerCoaster Tycoon\\RCT.EXE"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\modern warfare 2 infamy trailer\\smp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs. predator classic 2000 trailer\\smp.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's EndWar\\Binaries\\EndWar.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's EndWar\\Tom Clancy's EndWar Launcher.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Documents and Settings\\Karel\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\hry\\Ubisoft\\Eagle Dynamics\\Lock On\\LockOn.exe"=
"c:\\Program Files\\Tunngle\\tnglctrl.exe"=
"c:\\Program Files\\Tunngle\\tunngle.exe"=
"c:\\hry\\Eagle Dynamics\\Ka-50\\bin\\x86\\stable\\simulator.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"24526:TCP"= 24526:TCP:BitComet 24526 TCP
"24526:UDP"= 24526:UDP:BitComet 24526 UDP
"56728:TCP"= 56728:TCP:Pando Media Booster
"56728:UDP"= 56728:UDP:Pando Media Booster

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2007-11-04 716272]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-11-09 247096]
R2 Plánovač automatické aktualizace LiveUpdate;Plánovač automatické aktualizace LiveUpdate;c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-04-10 554616]
R2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-09-04 685816]
R3 MouseCap;MouseCapture Driver;c:\windows\system32\drivers\MouseCap.sys [2005-08-08 6640]
R3 SaiH353e;SaiH353E;c:\windows\system32\drivers\SaiH353E.sys [2009-07-14 132232]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [2009-12-30 27136]
S1 a00d8096;a00d8096;c:\windows\system32\drivers\a00d8096.sys [2009-01-27 0]
S1 CXAVSAUD;Prolink 2388x Audio Capture;c:\windows\system32\drivers\pvavsaud.sys [2006-11-01 9984]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\Drivers\spyemrg.sys --> c:\windows\system32\Drivers\spyemrg.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PVTUNE;Prolink 2388x Tuner;c:\windows\system32\drivers\pv88tune.sys [2006-11-01 32256]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [2006-10-23 93440]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PAC207;VideoCAM GE111;c:\windows\system32\drivers\PFC027.sys [2005-04-08 162176]
S3 pvavSTS;Prolink 2388x AVStream TS Capture;c:\windows\system32\drivers\pvavsts.sys [2006-11-01 16768]
S3 pvavXBAR;Prolink 2388x AVStream Crossbar;c:\windows\system32\drivers\pvavxbar.sys [2006-11-01 11520]
S3 PVBDATUNE;Prolink BDA DVB Tuner/Demod;c:\windows\system32\drivers\PVBDAtun.sys [2006-11-01 104320]
S3 rspSanity;rspSanity;c:\windows\system32\drivers\rspSanity32.sys [2009-05-18 30136]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\screamingbdriver.sys [2008-09-20 13824]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 XDva358;XDva358;\??\c:\windows\system32\XDva358.sys --> c:\windows\system32\XDva358.sys [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-11-12 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-05-26 13:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://www.aramayapalim.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Free YouTube Download - c:\documents and settings\Karel\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Karel\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://play.battlefield-heroes.com/static/updater/BFHUpdater_4.0.15.0.cab
FF - ProfilePath - c:\documents and settings\Karel\Data aplikací\Mozilla\Firefox\Profiles\lyhcwsji.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - component: c:\documents and settings\Karel\Data aplikací\Mozilla\Firefox\Profiles\lyhcwsji.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
FF - plugin: c:\program files\Microsoft Silverlight\4.0.50524.0\npctrl.1.0.20926.0.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOP7PlugIn.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-FortKnoxPersonalFirewall - c:\program files\NETGATE\Internet Security\FortKnox Personal Firewall\FortKnoxGUI.exe
Notify-dimsntfy - (no file)
Notify-WgaLogon - (no file)
AddRemove-BaboViolent 2_is1 - c:\program files\RndLabs\BaboViolent 2\unins000.exe
AddRemove-flight simulator 9.0 - c:\program files\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE
AddRemove-fly! ii - c:\hry\Terminal Reality\Fly! II\Uninst.isu
AddRemove-IE Photomontage - c:\program files\IE Photomontage\uninstal.exe
AddRemove-IL Download Manager - c:\program files\Image-Line\Downloader\uninstall.exe
AddRemove-Light Artist_is1 - c:\program files\Light Artist\unins000.exe
AddRemove-loyal class tender tug v.2.0 - c:\program files\Microsoft Games\Flight Simulator 9\Uninstal_lct_tug2.exe
AddRemove-mta:sa dm - c:\program files\MTA San Andreas\Uninstall.exe
AddRemove-Nokia PC Suite - c:\documents and settings\All Users\Data aplikací\Installations\{9C05FA75-0337-4523-AA57-9D3511018887}\Nokia_PC_Suite_rel_6_86_9_3_APAC.exe
AddRemove-OpenATCFeeder_is1 - c:\program files\OpenATC Feeder\unins000.exe
AddRemove-project tupolev il-62m v1.03 for msfs2004 - c:\program files\Microsoft Games\Flight Simulator 9\Uninstal.exe
AddRemove-Tactical Ops - c:\hry\Infogrames\Tactical Ops\Uninst.isu
AddRemove-Testy dorost_is1 - c:\program files\Zocek\Test\Testy\Dorost 2009-2010\unins000.exe
AddRemove-ZwangiSrch - c:\program files\ZwangiSrch\uninstall.exe
AddRemove-il-28 - c:\program files\Microsoft games\Flight simulator 9\Uninstal.exe
AddRemove-project tupolev tu-154m for ms fs2004 - c:\program files\Microsoft Games\Flight Simulator 9\Uninstal_PT_Tu-154m_2.02.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-12 19:21
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


c:\windows\TEMP\OLDB.tmp 549720 bytes executable
c:\windows\system32\wuauclt.exe.wusetup.295843.bak 53080 bytes executable
c:\windows\system32\wuaueng.dll.wusetup.301109.bak 1712984 bytes executable

sken byl úspešně dokončen
skryté soubory: 3

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-394074840-131283828-2727867387-1007\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:c5,da,f4,69,c2,25,6b,72,ed,42,d3,11,a5,5d,74,fd,3e,21,ea,35,68,30,31,
4e,b6,fe,5c,f8,0f,2c,55,69,c6,3b,66,2f,29,e4,9c,1f,63,ba,f5,34,e7,e5,8d,46,\
"??"=hex:82,6d,e5,fd,a8,85,48,1f,a9,8c,49,10,34,0d,a0,bf

[HKEY_USERS\S-1-5-21-394074840-131283828-2727867387-1007\Software\SecuROM\License information*]
"datasecu"=hex:48,af,bb,1f,a5,a1,18,34,cf,0e,29,93,bd,bc,50,ff,65,91,62,48,33,
15,ae,85,25,91,21,5c,70,f0,4b,02,ce,29,74,2a,c7,e2,2e,74,bb,a6,ca,2b,92,a9,\
"rkeysecu"=hex:89,de,76,59,59,4f,c0,e2,c8,24,1a,85,0e,04,a3,b4
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1036)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(1096)
c:\windows\system32\mswsock.dll

- - - - - - - > 'explorer.exe'(3856)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
c:\program files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\System32\PAStiSvc.exe
c:\windows\system32\UAService7.exe
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\windows\SoftwareDistribution\Download\a5f16949630e8c407182e4928048db02\update\update.exe
.
**************************************************************************
.
Celkový čas: 2010-11-12 19:36:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-12 18:35

Před spuštěním: Volných bajtů: 16,585,973,760
Po spuštění: Volných bajtů: 18,982,277,120

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - 88ADF94910B648CED695BBD2EA078C77

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: General problem with Windows

#4 Post by motji »

Good evening :)
Because you replied to your own post, your thread got lost among the answered topics :)

:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM sometimes produces false detections, so we will delete only after checking the log.
- Copy the log here.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting your computer :!:
Want to support our forum? Information here

I am mostly available at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

sniper-ll
Visitor
Posts: 8
Registered: 17 Aug 2008 00:18

Re: General problem with Windows

#5 Post by sniper-ll »

Thank you very much for your help.


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5120

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2010-11-15 19:55:27
mbam-log-2010-11-15 (19-55-27).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 432418
Uplynulý čas: 2 hodina(y), 33 minuta(y), 34 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 3
Infikované hodnoty registru: 0
Infikované datové položky registru: 1
Infikované složky: 1
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ddbe997-e00b-433f-8fa3-35f69fdc9164} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ZwangiSrch (Adware.Zwangi) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\HomePage (Hijack.HomePageControl) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
C:\Documents and Settings\All Users\Data aplikací\ZwangiSrch (Adware.Zwangi) -> No action taken.

Infikované soubory:
C:\Program Files\USDownloader\OCR\CapNL\test.exe (Trojan.Downloader) -> No action taken.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: General problem with Windows

#6 Post by motji »

Delete everything in MBAM.

:arrow: If it is not there already, move ComboFix to the desktop
- Open Notepad
- Copy the text from this box into it

Code:


DDS::
uStart Page = hxxp://start.icq.com/
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://www.aramayapalim.com
uSearchAssistant = hxxp://search.qip.ru/ie

Firefox::
FF - ProfilePath - c:\documents and settings\Karel\Data aplikací\Mozilla\Firefox\Profiles\lyhcwsji.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.7&q=

Driver::
XDva358
SpyEmrg

Collect::
c:\windows\system32\XDva358.sys

File::
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
c:\windows\system32\Drivers\spyemrg.sys 

Folder::
c:\program files\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

- Save the TXT file you created as CFScript.txt on the desktop
- After saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it.

- After it has been applied, another log will pop up; paste it here

Warning: it can happen that Windows does not start after the script is applied and the machine restarts; in that case restart again while pressing F8, then choose Last Known Good Configuration
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.

Re: General problem with Windows

#7 Post by sniper-ll »

ComboFix 10-11-15.03 - Karel 2010-11-15 22:59:59.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.2047.1580 [GMT 1:00]
Spuštěný z: c:\documents and settings\Karel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Karel\Plocha\CFScript.txt

FILE ::
"c:\windows\system32\Drivers\spyemrg.sys"
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_15d.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Thumbs.db
c:\program files\Ask.com\UpdateTask.exe
C:\Thumbs.db
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_XDVA358
-------\Service_SpyEmrg
-------\Service_XDva358


((((((((((((((((((((((((( Soubory vytvořené od 2010-10-15 do 2010-11-15 )))))))))))))))))))))))))))))))
.

2010-11-15 16:01 . 2010-11-15 16:01 -------- d-----w- c:\documents and settings\Karel\Data aplikací\Malwarebytes
2010-11-15 16:01 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-15 16:01 . 2010-11-15 16:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-15 16:01 . 2010-11-15 16:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-11-15 16:01 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-15 15:48 . 2010-11-15 15:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ATI
2010-11-15 15:36 . 2010-11-15 15:36 -------- d-----w- c:\program files\ATI Stream
2010-11-15 15:30 . 2010-09-11 01:23 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-11-15 14:57 . 2010-11-15 14:57 -------- d-sh--w- c:\documents and settings\Karel\PrivacIE
2010-11-14 11:47 . 2010-11-14 11:47 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-11-12 20:11 . 2004-08-03 21:29 63488 ------w- c:\windows\system32\drivers\atinxsxx.sys
2010-11-12 20:08 . 2010-11-12 20:08 -------- d-sh--w- c:\documents and settings\Karel\IETldCache
2010-11-12 19:29 . 2010-05-06 10:35 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-11-12 19:29 . 2010-05-06 10:35 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-11-12 19:29 . 2010-05-06 10:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-11-12 19:28 . 2010-11-12 19:29 -------- dc-h--w- c:\windows\ie8
2010-11-12 19:22 . 2010-11-15 14:19 -------- d-----w- c:\windows\ServicePackFiles
2010-11-12 18:58 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-11-12 18:58 . 2009-10-15 16:32 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-11-12 18:58 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-11-12 18:57 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-11-12 18:57 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-11-12 18:57 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-11-12 18:56 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-11-12 18:43 . 2008-04-21 21:15 216576 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-11-12 17:58 . 2010-11-12 18:00 -------- d-----w- c:\program files\trend micro
2010-11-12 17:58 . 2010-11-12 17:58 -------- d-----w- C:\rsit
2010-11-12 17:13 . 2010-11-12 17:14 -------- d-----w- c:\documents and settings\Administrator
2010-11-12 17:09 . 2010-11-12 17:09 0 ----a-w- c:\documents and settings\Karel\ntuser.tmp
2010-11-12 14:52 . 2010-11-12 14:52 -------- d-----w- c:\program files\2K Games
2010-11-12 12:51 . 2010-11-12 13:03 -------- d-----w- c:\documents and settings\Karel\Data aplikací\OnLive App
2010-11-11 16:50 . 2010-11-11 16:51 98510 ----a-w- c:\program files\Microsoft Games\Flight Simulator 9\Uninstall.exe
2010-11-11 14:06 . 2005-01-14 08:32 53248 ----a-w- c:\windows\system32\PAStiSvc.exe
2010-11-11 14:05 . 2010-11-11 14:16 -------- d-----w- c:\windows\Album
2010-11-11 14:05 . 2010-11-11 14:05 -------- d-----w- c:\windows\PixArt
2010-11-11 14:05 . 2010-11-11 14:05 -------- d-----w- c:\program files\VideoCAM GE111
2010-11-11 14:05 . 2010-11-11 14:05 -------- d-----w- c:\program files\Common Files\PCCamera
2010-11-11 13:41 . 2010-11-11 14:16 -------- d-----w- c:\program files\FreeTrack
2010-11-10 16:53 . 2010-11-10 16:53 -------- d-----w- c:\program files\Taz-Mania
2010-11-10 16:24 . 2010-11-10 16:24 -------- d-----w- c:\program files\Comix Zone
2010-11-09 21:26 . 2010-11-14 19:22 -------- d-----w- c:\program files\ICQ6Toolbar
2010-11-09 21:24 . 2010-11-09 21:24 -------- d-----w- c:\documents and settings\Karel\Local Settings\Data aplikací\AOL
2010-11-09 21:24 . 2010-11-09 21:26 -------- d-----w- c:\program files\ICQ7.2
2010-10-30 18:41 . 2010-10-30 18:41 -------- d-----w- c:\documents and settings\Karel\Data aplikací\Need for Speed World
2010-10-30 18:02 . 2010-10-30 18:02 -------- d-----w- c:\documents and settings\Karel\Local Settings\Data aplikací\Electronic_Arts_Inc
2010-10-30 13:51 . 2010-10-30 13:51 -------- d-----w- c:\documents and settings\Karel\Data aplikací\QipGuard
2010-10-30 13:51 . 2010-06-09 15:54 45568 ----a-w- c:\documents and settings\Karel\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-14 20:23 . 2008-02-06 20:33 138904 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-11-14 20:23 . 2009-03-27 19:20 234392 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-11-14 20:23 . 2008-02-06 20:33 234392 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-11-12 20:04 . 2008-02-06 20:32 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-11-04 16:01 . 2008-04-27 19:59 22328 ----a-w- c:\documents and settings\Karel\Data aplikací\PnkBstrK.sys
2010-09-15 15:18 . 2010-10-05 12:29 2601752 ----a-w- c:\windows\system32\pbsvc_moh.exe
2010-09-11 02:19 . 2006-08-23 01:53 5417472 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-09-11 01:57 . 2009-12-24 16:47 57344 ----a-w- c:\windows\system32\aticalrt.dll
2010-09-11 01:57 . 2009-12-24 16:47 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-09-11 01:56 . 2009-12-24 16:47 4419584 ----a-w- c:\windows\system32\aticaldd.dll
2010-09-11 01:54 . 2006-08-23 01:24 16248832 ----a-w- c:\windows\system32\atioglxx.dll
2010-09-11 01:50 . 2006-08-23 02:11 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-09-11 01:43 . 2009-12-24 16:47 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-09-11 01:42 . 2006-08-23 01:53 300544 ----a-w- c:\windows\system32\ati2dvag.dll
2010-09-11 01:39 . 2006-08-23 01:38 3942880 ----a-w- c:\windows\system32\ati3duag.dll
2010-09-11 01:29 . 2009-12-24 16:47 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-09-11 01:26 . 2006-08-23 01:47 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-09-11 01:26 . 2006-08-23 01:46 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-09-11 01:26 . 2006-08-23 01:46 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-09-11 01:26 . 2006-08-23 01:46 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-09-11 01:26 . 2006-08-23 01:46 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-09-11 01:25 . 2006-08-23 01:33 2669312 ----a-w- c:\windows\system32\ativvaxx.dll
2010-09-11 01:25 . 2006-08-23 01:45 606208 ----a-w- c:\windows\system32\ati2evxx.exe
2010-09-11 01:24 . 2006-08-23 01:44 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-09-11 01:19 . 2006-08-23 01:21 634880 ----a-w- c:\windows\system32\atikvmag.dll
2010-09-11 01:18 . 2009-12-24 16:47 192512 ----a-w- c:\windows\system32\atiadlxx.dll
2010-09-11 01:17 . 2006-08-23 01:19 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-09-11 01:13 . 2006-08-23 01:14 696320 ----a-w- c:\windows\system32\ati2cqag.dll
2010-09-11 01:11 . 2009-12-24 16:47 64512 ----a-w- c:\windows\system32\atimpc32.dll
2010-09-11 01:11 . 2009-12-24 16:47 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2010-09-11 01:11 . 2006-08-23 01:43 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"="c:\documents and settings\Karel\Data aplikací\QipGuard\QipGuard.exe" [2010-06-09 187904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-30 185896]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-10 98304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Philips Media Manager.lnk - c:\program files\Philips\Media Manager\Philips Media Manager.exe [2006-11-1 136704]

c:\documents and settings\Administrator.N-8C1C70A63A0A4\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Philips Media Manager.lnk - c:\program files\Philips\Media Manager\Philips Media Manager.exe [2006-11-1 136704]

c:\documents and settings\Default User\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Philips Media Manager.lnk - c:\program files\Philips\Media Manager\Philips Media Manager.exe [2006-11-1 136704]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"=
"c:\\Program Files\\Philips\\Media Manager\\Philips Media Manager.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\hry\\Ubisoft\\Ghost Recon Advanced Warfighter 2\\graw2.exe"=
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=
"c:\\Program Files\\IVAO\\IvAp\\ivapnetint.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\czsnipik\\team fortress 2\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\czsnipik\\synergy\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\czsnipik\\counter-strike beta\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\czsnipik\\half-life blue shift\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\czsnipik\\source sdk base\\hl2.exe"=
"c:\\hry\\Hasbro Interactive\\RollerCoaster Tycoon\\RCT.EXE"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\modern warfare 2 infamy trailer\\smp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs. predator classic 2000 trailer\\smp.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's EndWar\\Binaries\\EndWar.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's EndWar\\Tom Clancy's EndWar Launcher.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Documents and Settings\\Karel\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\hry\\Ubisoft\\Eagle Dynamics\\Lock On\\LockOn.exe"=
"c:\\Program Files\\Tunngle\\tnglctrl.exe"=
"c:\\Program Files\\Tunngle\\tunngle.exe"=
"c:\\hry\\Eagle Dynamics\\Ka-50\\bin\\x86\\stable\\simulator.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\hry\\Activision\\Call of Duty - Black Ops\\BlackOps.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"24526:TCP"= 24526:TCP:BitComet 24526 TCP
"24526:UDP"= 24526:UDP:BitComet 24526 UDP
"56728:TCP"= 56728:TCP:Pando Media Booster
"56728:UDP"= 56728:UDP:Pando Media Booster

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2007-11-04 716272]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-11-09 247096]
R2 Plánovač automatické aktualizace LiveUpdate;Plánovač automatické aktualizace LiveUpdate;c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-04-10 554616]
R2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-09-04 685816]
R3 MouseCap;MouseCapture Driver;c:\windows\system32\drivers\MouseCap.sys [2005-08-08 6640]
R3 SaiH353e;SaiH353E;c:\windows\system32\drivers\SaiH353E.sys [2009-07-14 132232]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [2009-12-30 27136]
S1 a00d8096;a00d8096;c:\windows\system32\drivers\a00d8096.sys [2009-01-27 0]
S1 CXAVSAUD;Prolink 2388x Audio Capture;c:\windows\system32\drivers\pvavsaud.sys [2006-11-01 9984]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PVTUNE;Prolink 2388x Tuner;c:\windows\system32\drivers\pv88tune.sys [2006-11-01 32256]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [2006-10-23 93440]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PAC207;VideoCAM GE111;c:\windows\system32\drivers\PFC027.sys [2005-04-08 162176]
S3 pvavSTS;Prolink 2388x AVStream TS Capture;c:\windows\system32\drivers\pvavsts.sys [2006-11-01 16768]
S3 pvavXBAR;Prolink 2388x AVStream Crossbar;c:\windows\system32\drivers\pvavxbar.sys [2006-11-01 11520]
S3 PVBDATUNE;Prolink BDA DVB Tuner/Demod;c:\windows\system32\drivers\PVBDAtun.sys [2006-11-01 104320]
S3 rspSanity;rspSanity;c:\windows\system32\drivers\rspSanity32.sys [2009-05-18 30136]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\screamingbdriver.sys [2008-09-20 13824]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Free YouTube Download - c:\documents and settings\Karel\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Karel\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://play.battlefield-heroes.com/static/updater/BFHUpdater_4.0.15.0.cab
FF - ProfilePath - c:\documents and settings\Karel\Data aplikací\Mozilla\Firefox\Profiles\lyhcwsji.default\
FF - component: c:\documents and settings\Karel\Data aplikací\Mozilla\Firefox\Profiles\lyhcwsji.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
FF - plugin: c:\program files\Microsoft Silverlight\4.0.50524.0\npctrl.1.0.20926.0.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOP7PlugIn.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-HijackThis - c:\documents and settings\Karel\Plocha\HijackThis.exe
AddRemove-project tupolev il-62m v1.03 for msfs2004 - c:\program files\Microsoft Games\Flight Simulator 9\Uninstal.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-15 23:16
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-394074840-131283828-2727867387-1007\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:c5,da,f4,69,c2,25,6b,72,ed,42,d3,11,a5,5d,74,fd,3e,21,ea,35,68,30,31,
4e,b6,fe,5c,f8,0f,2c,55,69,c6,3b,66,2f,29,e4,9c,1f,63,ba,f5,34,e7,e5,8d,46,\
"??"=hex:82,6d,e5,fd,a8,85,48,1f,a9,8c,49,10,34,0d,a0,bf

[HKEY_USERS\S-1-5-21-394074840-131283828-2727867387-1007\Software\SecuROM\License information*]
"datasecu"=hex:48,af,bb,1f,a5,a1,18,34,cf,0e,29,93,bd,bc,50,ff,65,91,62,48,33,
15,ae,85,25,91,21,5c,70,f0,4b,02,ce,29,74,2a,c7,e2,2e,74,bb,a6,ca,2b,92,a9,\
"rkeysecu"=hex:89,de,76,59,59,4f,c0,e2,c8,24,1a,85,0e,04,a3,b4
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1036)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll

- - - - - - - > 'explorer.exe'(1424)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
c:\program files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\System32\PAStiSvc.exe
c:\windows\system32\UAService7.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2010-11-15 23:29:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-15 22:29
ComboFix2.txt 2010-11-12 18:36

Před spuštěním: Volných bajtů: 11,732,701,184
Po spuštění: Volných bajtů: 11,807,559,680

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 0721F65D35A725917898163D9EF21448

Re: General problem with Windows

#8 Post by motji »

How is the computer doing?

Re: General problem with Windows

#9 Post by sniper-ll »

Much better, thank you.

But while we were working on this, my Task Manager changed; maybe it is because I installed Service Pack 3, I don't know. In any case I am attaching a picture.

Re: General problem with Windows

#10 Post by motji »

:o Probably.

→ Uninstall ComboFix via Start - Run
- copy into the box:

ComboFix /Uninstall

-press Enter
-This uninstalls ComboFix and deletes the files and folders associated with it.

***********

→ Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Run it; to confirm the choice press the A key, Enter
-delete the program after use. Note: antivirus programs may falsely flag it as a virus

***********

→ Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis click Run CCleaner

Registry tab
- click Scan for problems
- then click Fix selected problems -- making a registry backup is not necessary
- click Fix all problems → OK → Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

CCleaner - I recommend using the cleaner; it nicely clears temporary files from the PC.
It cleans the registry, for example after uninstalling a program.

***********

→ Download OTC and use it
http://oldtimer.geekstogo.com/OTC.exe
-it cleans up temp files and the leftovers of the tools used

***********

→ Post a new RSIT log and tell me how the computer is doing and how it behaves; is everything all right now?

Re: General problem with Windows

#11 Post by sniper-ll »

I would say everything is now perfectly fine. Except for that Task Manager. In any case, thank you.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Karel at 2010-11-17 12:17:16
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 12 GB (5%) free of 232 GB
Total RAM: 2047 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:17, on 17.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tunngle\TnglCtrl.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Documents and Settings\Karel\Data aplikací\QipGuard\QipGuard.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Karel\Plocha\RSIT.exe
C:\Program Files\trend micro\Karel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\Karel\Data aplikací\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Philips Media Manager.lnk = C:\Program Files\Philips\Media Manager\Philips Media Manager.exe (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Karel\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Karel\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512b-b978-451d-a0d8-fcfdf33e833c} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5148918828
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://play.battlefield-heroes.com/sta ... 0.15.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player ... taller.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Plánovač automatické aktualizace LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 11243 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 138240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 138240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}
{E0E899AB-F487-11D5-8D29-0050BA6940E3}
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-04-30 185896]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-10 98304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"=C:\Documents and Settings\Karel\Data aplikací\QipGuard\QipGuard.exe [2010-06-09 187904]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-09-11 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe"="C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:CyberLink PowerCinema"
"C:\Program Files\CyberLink\PowerCinema\PCMService.exe"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\Program Files\Philips\Media Manager\Philips Media Manager.exe"="C:\Program Files\Philips\Media Manager\Philips Media Manager.exe:*:Enabled:Philips Media Management for your Media Devices"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\hry\Ubisoft\Ghost Recon Advanced Warfighter 2\graw2.exe"="C:\hry\Ubisoft\Ghost Recon Advanced Warfighter 2\graw2.exe:*:Enabled:Ghost Recon Advanced Warfighter® 2"
"C:\Program Files\Opera\Opera.exe"="C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\Program Files\IVAO\IvAp\ivapnetint.exe"="C:\Program Files\IVAO\IvAp\ivapnetint.exe:*:Enabled:ivapnetint"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Steam\steam.exe"="C:\Program Files\Steam\steam.exe:*:Enabled:Steam 732897"
"C:\Program Files\Steam\steamapps\czsnipik\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\czsnipik\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\czsnipik\synergy\hl2.exe"="C:\Program Files\Steam\steamapps\czsnipik\synergy\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\czsnipik\counter-strike beta\hl.exe"="C:\Program Files\Steam\steamapps\czsnipik\counter-strike beta\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\czsnipik\half-life blue shift\hl.exe"="C:\Program Files\Steam\steamapps\czsnipik\half-life blue shift\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\czsnipik\source sdk base\hl2.exe"="C:\Program Files\Steam\steamapps\czsnipik\source sdk base\hl2.exe:*:Enabled:hl2"
"C:\hry\Hasbro Interactive\RollerCoaster Tycoon\RCT.EXE"="C:\hry\Hasbro Interactive\RollerCoaster Tycoon\RCT.EXE:*:Enabled:RCT"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Steam\steamapps\common\modern warfare 2 infamy trailer\smp.exe"="C:\Program Files\Steam\steamapps\common\modern warfare 2 infamy trailer\smp.exe:*:Enabled:Modern Warfare 2 Infamy Trailer"
"C:\Program Files\Steam\steamapps\common\aliens vs. predator classic 2000 trailer\smp.exe"="C:\Program Files\Steam\steamapps\common\aliens vs. predator classic 2000 trailer\smp.exe:*:Enabled:Aliens vs. Predator Classic 2000 Trailer"
"C:\Program Files\Ubisoft\Tom Clancy's EndWar\Binaries\EndWar.exe"="C:\Program Files\Ubisoft\Tom Clancy's EndWar\Binaries\EndWar.exe:*:Enabled:Tom Clancy's EndWar"
"C:\Program Files\Ubisoft\Tom Clancy's EndWar\Tom Clancy's EndWar Launcher.exe"="C:\Program Files\Ubisoft\Tom Clancy's EndWar\Tom Clancy's EndWar Launcher.exe:*:Enabled:Tom Clancy's EndWar Launcher"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\Karel\temp\TeamViewer\Version4\TeamViewer.exe"="C:\Documents and Settings\Karel\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe"="C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe"="C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\hry\Ubisoft\Eagle Dynamics\Lock On\LockOn.exe"="C:\hry\Ubisoft\Eagle Dynamics\Lock On\LockOn.exe:*:Enabled:LOCK ON"
"C:\Program Files\Tunngle\tnglctrl.exe"="C:\Program Files\Tunngle\tnglctrl.exe:*:Enabled:Tunngle Service"
"C:\Program Files\Tunngle\tunngle.exe"="C:\Program Files\Tunngle\tunngle.exe:*:Enabled:Tunngle Client"
"C:\hry\Eagle Dynamics\Ka-50\bin\x86\stable\simulator.exe"="C:\hry\Eagle Dynamics\Ka-50\bin\x86\stable\simulator.exe:*:Enabled:DCS Black Shark"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\hry\Activision\Call of Duty - Black Ops\BlackOps.exe"="C:\hry\Activision\Call of Duty - Black Ops\BlackOps.exe:*:Disabled:BlackOps"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======File associations======

.txt - open - notepad.exe %1

======List of files/folders created in the last 1 months======

2010-11-17 12:17:16 ----D---- C:\rsit
2010-11-17 12:07:29 ----SHD---- C:\Config.Msi
2010-11-17 11:54:09 ----SHD---- C:\RECYCLER
2010-11-16 16:50:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-11-16 16:50:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-11-16 16:50:11 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-11-16 16:50:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-11-16 16:50:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-11-16 16:49:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-11-16 16:49:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-11-16 16:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-11-16 16:49:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-11-16 16:49:36 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-11-16 16:49:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-11-16 16:49:20 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-11-16 16:49:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-11-16 16:48:56 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-11-16 16:48:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-11-16 16:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-11-16 16:44:41 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-11-16 16:44:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-11-16 16:44:26 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-11-16 16:44:17 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-11-16 16:43:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2010-11-16 16:43:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2010-11-16 16:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-11-16 16:43:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2010-11-15 17:01:44 ----D---- C:\Documents and Settings\Karel\Data aplikací\Malwarebytes
2010-11-15 17:01:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-11-15 17:01:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-11-15 16:48:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2010-11-15 16:36:29 ----D---- C:\Program Files\ATI Stream
2010-11-15 16:30:22 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-11-15 15:52:32 ----D---- C:\WINDOWS\Prefetch
2010-11-15 15:31:12 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-11-15 15:31:07 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-11-15 15:30:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-11-15 15:30:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-11-15 15:30:45 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-11-15 15:30:39 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-11-15 15:30:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-11-15 15:30:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-11-15 15:30:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-11-15 15:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-11-15 15:30:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-11-15 15:30:09 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-11-15 15:30:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-11-15 15:29:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-11-15 15:29:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-11-15 15:29:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-11-15 15:29:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-11-15 15:29:35 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-11-15 15:29:30 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-11-15 15:29:25 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-11-15 15:29:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-11-15 15:29:15 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-11-15 15:29:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-11-15 15:29:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-11-15 15:28:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-11-15 15:28:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-11-15 15:28:48 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-11-15 15:28:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-11-15 15:28:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-11-15 15:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-11-15 15:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-11-15 15:28:21 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-11-15 15:28:16 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-11-15 15:28:10 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-11-15 15:28:04 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-11-15 15:27:58 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-11-15 15:27:45 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-11-15 15:27:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-11-15 15:27:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-11-15 15:27:31 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-11-15 15:27:26 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-11-15 15:27:21 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-11-15 15:27:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-11-15 15:27:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-11-15 15:27:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-11-15 15:27:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-11-15 15:26:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-11-15 15:26:48 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-11-15 15:26:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-11-15 15:26:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-11-15 15:26:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-11-15 15:26:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-11-15 15:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-11-15 15:26:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-11-15 15:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2010-11-15 15:26:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-11-15 15:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2010-11-15 15:25:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-11-15 15:25:48 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-11-15 15:25:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-11-15 15:25:36 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-11-15 15:25:31 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-11-15 15:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-11-15 15:15:36 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-11-14 01:50:42 ----HDC---- C:\WINDOWS\$NtUninstallKB970430_0$
2010-11-14 01:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971737_0$
2010-11-12 21:13:55 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-11-12 21:13:55 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-11-12 21:13:55 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-11-12 21:13:55 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-11-12 21:13:55 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-11-12 21:13:55 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-11-12 21:13:49 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-11-12 21:13:49 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-11-12 21:13:49 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-11-12 21:13:49 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-11-12 21:13:48 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-11-12 21:13:48 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-11-12 21:13:47 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2010-11-12 21:13:47 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-11-12 21:13:45 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-11-12 21:13:45 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-11-12 21:13:45 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-11-12 21:13:43 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-11-12 21:13:34 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-11-12 21:13:33 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-11-12 21:13:33 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-11-12 21:11:11 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-11-12 21:11:11 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-11-12 21:11:10 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-11-12 21:11:10 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-11-12 21:11:10 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-11-12 21:11:10 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-11-12 21:11:10 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-11-12 21:11:10 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-11-12 21:11:10 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-11-12 21:11:10 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-11-12 21:11:09 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-11-12 21:11:09 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-11-12 21:11:09 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-11-12 21:11:09 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-11-12 21:11:09 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-11-12 21:11:09 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-11-12 21:11:09 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-11-12 21:11:09 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-11-12 21:11:09 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-11-12 21:11:09 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-11-12 21:11:09 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-11-12 20:33:39 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$
2010-11-12 20:33:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2010-11-12 20:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2010-11-12 20:33:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2010-11-12 20:33:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2010-11-12 20:30:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2010-11-12 20:30:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$
2010-11-12 20:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-11-12 20:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-11-12 20:30:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-11-12 20:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$
2010-11-12 20:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-11-12 20:30:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2010-11-12 20:29:57 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2010-11-12 20:29:52 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-11-12 20:29:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$
2010-11-12 20:29:26 ----D---- C:\WINDOWS\ie8updates
2010-11-12 20:28:36 ----HDC---- C:\WINDOWS\ie8
2010-11-12 20:24:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2010-11-12 20:24:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2010-11-12 20:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2010-11-12 20:23:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2010-11-12 20:23:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$
2010-11-12 20:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB961118_0$
2010-11-12 20:22:56 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2010-11-12 20:22:51 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2010-11-12 20:22:45 ----D---- C:\WINDOWS\ServicePackFiles
2010-11-12 20:22:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956744_0$
2010-11-12 20:19:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2010-11-12 20:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_1$
2010-11-12 20:19:30 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_1$
2010-11-12 20:19:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2010-11-12 20:19:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2010-11-12 20:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2010-11-12 20:15:03 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2010-11-12 20:14:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-11-12 20:14:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2010-11-12 20:14:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2010-11-12 20:14:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-11-12 20:14:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2010-11-12 20:14:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2010-11-12 20:14:18 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2010-11-12 20:14:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2010-11-12 20:14:00 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-11-12 20:13:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2010-11-12 20:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-11-12 20:13:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$
2010-11-12 20:13:39 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$
2010-11-12 20:13:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-11-12 20:13:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-11-12 20:13:08 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2010-11-12 20:12:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2010-11-12 20:12:33 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2010-11-12 20:12:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$
2010-11-12 20:12:03 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2010-11-12 20:11:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$
2010-11-12 20:11:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-11-12 20:11:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$
2010-11-12 20:11:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2010-11-12 20:11:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2010-11-12 20:11:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2010-11-12 20:10:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$
2010-11-12 20:07:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2010-11-12 20:07:35 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2010-11-12 20:05:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2010-11-12 20:05:02 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-11-12 20:04:58 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2010-11-12 20:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-11-12 20:04:49 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2010-11-12 20:04:41 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2010-11-12 19:58:42 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-11-12 19:07:09 ----A---- C:\Boot.bak
2010-11-12 19:07:06 ----RASHD---- C:\cmdcons
2010-11-12 18:58:54 ----D---- C:\Program Files\trend micro
2010-11-12 15:52:28 ----D---- C:\Program Files\2K Games
2010-11-12 13:51:38 ----D---- C:\Documents and Settings\Karel\Data aplikací\OnLive App
2010-11-11 15:06:45 ----A---- C:\WINDOWS\system32\PAStiSvc.exe
2010-11-11 15:05:45 ----D---- C:\WINDOWS\PixArt
2010-11-11 15:05:45 ----D---- C:\WINDOWS\Album
2010-11-11 14:41:36 ----D---- C:\Program Files\FreeTrack
2010-11-10 17:53:56 ----D---- C:\Program Files\Taz-Mania
2010-11-10 17:24:07 ----D---- C:\Program Files\Comix Zone
2010-11-09 22:26:10 ----D---- C:\Program Files\ICQ6Toolbar
2010-11-09 22:24:21 ----D---- C:\Program Files\ICQ7.2
2010-11-04 17:00:53 ----A---- C:\WINDOWS\game.ini
2010-10-30 19:41:24 ----D---- C:\Documents and Settings\Karel\Data aplikací\Need for Speed World
2010-10-30 14:51:13 ----D---- C:\Documents and Settings\Karel\Data aplikací\QipGuard

======List of files/folders modified in the last 1 months======

2010-11-17 12:16:04 ----D---- C:\WINDOWS\temp
2010-11-17 12:16:03 ----D---- C:\WINDOWS
2010-11-17 12:15:36 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-17 12:13:20 ----D---- C:\Program Files\Google
2010-11-17 12:13:19 ----D---- C:\WINDOWS\system32
2010-11-17 12:12:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-17 12:10:38 ----SHD---- C:\WINDOWS\Installer
2010-11-17 12:10:37 ----D---- C:\WINDOWS\system32\drivers
2010-11-17 12:10:37 ----D---- C:\Program Files
2010-11-17 12:10:35 ----HD---- C:\WINDOWS\inf
2010-11-17 12:10:35 ----D---- C:\Program Files\Common Files
2010-11-17 12:08:49 ----D---- C:\Program Files\Power Sound Editor Free
2010-11-17 12:07:29 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-11-17 12:07:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2010-11-17 12:05:48 ----D---- C:\WINDOWS\system32\COD4MW Screensaver dir
2010-11-17 12:05:38 ----D---- C:\Program Files\CDBurnerXP
2010-11-17 12:05:09 ----D---- C:\Program Files\BookPrintXP
2010-11-17 12:04:57 ----A---- C:\WINDOWS\win.ini
2010-11-17 12:04:39 ----D---- C:\hry
2010-11-17 11:59:09 ----D---- C:\Documents and Settings\Karel\Data aplikací\Winamp
2010-11-17 11:57:34 ----D---- C:\WINDOWS\Debug
2010-11-17 11:42:10 ----D---- C:\WINDOWS\Minidump
2010-11-17 11:35:02 ----SHD---- C:\System Volume Information
2010-11-17 11:35:02 ----D---- C:\WINDOWS\system32\Restore
2010-11-17 11:32:33 ----D---- C:\WINDOWS\Microsoft.NET
2010-11-17 11:32:24 ----RSD---- C:\WINDOWS\assembly
2010-11-17 11:31:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-16 16:50:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-11-16 16:50:28 ----HD---- C:\WINDOWS\$hf_mig$
2010-11-16 16:49:58 ----D---- C:\WINDOWS\WinSxS
2010-11-16 16:48:52 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-16 16:46:57 ----D---- C:\Program Files\Internet Explorer
2010-11-16 16:44:21 ----D---- C:\Program Files\Movie Maker
2010-11-15 23:15:59 ----A---- C:\WINDOWS\system.ini
2010-11-15 23:15:27 ----D---- C:\WINDOWS\system32\drivers\etc
2010-11-15 23:13:34 ----D---- C:\WINDOWS\system32\config
2010-11-15 23:13:01 ----SD---- C:\WINDOWS\Tasks
2010-11-15 23:10:33 ----D---- C:\WINDOWS\AppPatch
2010-11-15 22:55:46 ----D---- C:\WINDOWS\SoftwareDistribution
2010-11-15 16:42:48 ----D---- C:\WINDOWS\system32\DirectX
2010-11-15 16:35:47 ----D---- C:\Program Files\ATI Technologies
2010-11-15 16:30:48 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-11-15 16:30:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-11-15 15:51:54 ----D---- C:\WINDOWS\system32\Setup
2010-11-15 15:51:53 ----RSD---- C:\WINDOWS\Fonts
2010-11-15 15:51:53 ----D---- C:\WINDOWS\system32\wbem
2010-11-15 15:32:11 ----D---- C:\WINDOWS\system32\CatRoot
2010-11-15 15:30:25 ----D---- C:\Program Files\Outlook Express
2010-11-15 15:25:37 ----D---- C:\Program Files\Messenger
2010-11-15 15:25:12 ----D---- C:\WINDOWS\security
2010-11-15 15:21:33 ----D---- C:\WINDOWS\network diagnostic
2010-11-15 15:21:33 ----D---- C:\WINDOWS\ime
2010-11-15 15:21:32 ----D---- C:\WINDOWS\Help
2010-11-15 15:21:27 ----D---- C:\WINDOWS\system32\usmt
2010-11-15 15:21:27 ----D---- C:\WINDOWS\system32\cs-cz
2010-11-15 15:21:27 ----D---- C:\WINDOWS\system32\cs
2010-11-15 15:21:27 ----D---- C:\WINDOWS\system32\bits
2010-11-15 15:21:27 ----D---- C:\WINDOWS\PeerNet
2010-11-15 15:21:27 ----D---- C:\WINDOWS\l2schemas
2010-11-15 15:19:22 ----D---- C:\WINDOWS\system32\npp
2010-11-15 15:19:22 ----D---- C:\WINDOWS\msagent
2010-11-15 15:19:21 ----D---- C:\WINDOWS\srchasst
2010-11-15 15:19:20 ----D---- C:\Program Files\NetMeeting
2010-11-15 15:19:19 ----D---- C:\WINDOWS\system32\Com
2010-11-15 15:19:18 ----D---- C:\Program Files\Windows NT
2010-11-15 15:19:18 ----D---- C:\Program Files\Windows Media Player
2010-11-15 15:19:16 ----D---- C:\Program Files\Common Files\System
2010-11-15 15:19:04 ----D---- C:\WINDOWS\system32\oobe
2010-11-15 15:18:59 ----D---- C:\WINDOWS\system
2010-11-15 15:15:35 ----D---- C:\WINDOWS\EHome
2010-11-14 23:41:41 ----D---- C:\Documents and Settings\Karel\Data aplikací\OpenOffice.org2
2010-11-14 22:14:57 ----D---- C:\Documents and Settings\Karel\Data aplikací\Skype
2010-11-14 21:23:44 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-11-14 21:10:38 ----D---- C:\Documents and Settings\Karel\Data aplikací\Xfire
2010-11-14 17:57:31 ----D---- C:\Program Files\Steam
2010-11-14 16:40:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-14 16:04:42 ----D---- C:\Documents and Settings\Karel\Data aplikací\skypePM
2010-11-13 16:13:50 ----D---- C:\Program Files\GameSpy Arcade
2010-11-13 16:13:47 ----D---- C:\TrackMania Nations ESWC
2010-11-12 21:07:46 ----D---- C:\WINDOWS\Media
2010-11-12 21:04:44 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-11-12 20:11:30 ----D---- C:\WINDOWS\Registration
2010-11-12 20:05:18 ----D---- C:\WINDOWS\ie7updates
2010-11-12 19:07:09 ----RASH---- C:\boot.ini
2010-11-12 18:20:43 ----D---- C:\Documents and Settings
2010-11-12 16:09:28 ----D---- C:\Program Files\Microsoft Works
2010-11-12 16:09:23 ----D---- C:\Program Files\USDownloader
2010-11-12 16:09:22 ----D---- C:\Program Files\Xvid
2010-11-12 16:09:22 ----D---- C:\Program Files\TVUPlayer
2010-11-12 16:09:21 ----D---- C:\Program Files\Windows Media Connect 2
2010-11-12 16:09:18 ----D---- C:\Program Files\DivX
2010-11-12 14:49:21 ----D---- C:\ModMan
2010-11-11 16:34:55 ----SD---- C:\Program Files\Xfire
2010-11-11 15:16:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-11-11 15:05:45 ----D---- C:\WINDOWS\twain_32
2010-11-11 14:59:20 ----D---- C:\WINDOWS\Downloaded Installations
2010-11-10 15:59:34 ----D---- C:\Documents and Settings\Karel\Data aplikací\ICQ
2010-11-09 22:26:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-11-09 22:24:36 ----D---- C:\Documents and Settings\Karel\Data aplikací\Canon
2010-11-07 20:47:30 ----D---- C:\Documents and Settings\Karel\Data aplikací\Tunngle
2010-11-02 16:47:16 ----A---- C:\WINDOWS\system32\MRT.exe
2010-10-31 15:17:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2010-10-30 14:50:55 ----D---- C:\Program Files\QIP
2010-10-27 10:26:53 ----D---- C:\Program Files\Fire Department 3
2010-10-22 13:51:12 ----D---- C:\Program Files\Eagle Dynamics
2010-10-21 18:02:52 ----RD---- C:\Filmy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2004-08-18 13952]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\SYSTEM32\DRIVERS\IASTOR.SYS [2006-05-11 247808]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-09-03 115680]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-04-12 716272]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-03-14 46652]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-11-01 20747]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-03-24 165376]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-03-24 18048]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-09-11 5417472]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-09-14 179200]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-02-16 4156416]
R3 MouseCap;MouseCapture Driver; C:\WINDOWS\System32\Drivers\MouseCap.sys [2005-08-08 6640]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-03-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2004-04-01 10368]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 SaiH353e;SaiH353E; C:\WINDOWS\system32\DRIVERS\SaiH353e.sys [2007-05-01 132232]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 a00d8096;a00d8096; C:\WINDOWS\System32\drivers\a00d8096.sys []
S1 CXAVSAUD;Prolink 2388x Audio Capture; C:\WINDOWS\system32\DRIVERS\pvavsaud.sys [2006-10-11 9984]
S1 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
S2 CX23880;Prolink 23880 Video Capture; C:\WINDOWS\system32\drivers\pv88vid.sys [2006-06-01 244352]
S2 PVTUNE;Prolink 2388x Tuner; C:\WINDOWS\system32\drivers\pv88TUNE.sys [2006-06-01 32256]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 a7ozally;a7ozally; C:\WINDOWS\system32\drivers\a7ozally.sys []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 eaglent;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2007-11-29 16896]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2007-11-29 19328]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pvavSTS;Prolink 2388x AVStream TS Capture; C:\WINDOWS\system32\drivers\pvavsts.sys [2006-06-01 16768]
S3 pvavXBAR;Prolink 2388x AVStream Crossbar; C:\WINDOWS\system32\drivers\pvavxbar.sys [2006-06-01 11520]
S3 PVBDATUNE;Prolink BDA DVB Tuner/Demod; C:\WINDOWS\system32\drivers\PVBDAtun.sys [2006-06-01 104320]
S3 rspSanity;rspSanity; C:\WINDOWS\system32\DRIVERS\rspSanity32.sys [2009-03-07 30136]
S3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-03-09 366080]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\screamingbdriver.sys [2005-11-20 13824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sony_ssm.sys;sony_ssm.sys; \??\C:\DOCUME~1\Karel\LOCALS~1\Temp\sony_ssm.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 8064]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 8064]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-09-24 29184]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-09-11 606208]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2006-08-29 270434]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2006-08-29 122976]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe [2006-08-29 1073152]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2006-05-11 90112]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-15 153376]
R2 Plánovač automatické aktualizace LiveUpdate;Plánovač automatické aktualizace LiveUpdate; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-01-29 554616]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-11-12 75136]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-02-13 685816]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2007-11-22 122880]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-08-22 520192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-27 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-02-17 2736890]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: General problem with Windows

#12 Post by motji »

Run the renamed HJT, C:\Program Files\trend micro\Karel.exe; it has this icon: [image]

- Click "Do a system scan only"
- Next to the lines
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Karel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)

- Tick the checkbox and press Fix checked
- Restart the PC


I don't see an antivirus :o
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

sniper-ll
Visitor
Posts: 8
Registered: 17 Aug 2008 00:18

Re: General problem with Windows

#13 Post by sniper-ll »

I uninstalled the antivirus while we were working on this because I was worried it would interfere with those programs.

While we're at it, could you recommend one? Which is the best?

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: General problem with Windows

#14 Post by motji »

Everyone prefers a different one, but if it has to be free, I use Avast in combination with the ZoneAlarm firewall and I'm completely satisfied :).
Avira has lower RAM requirements.