
Win32:Bamital-AO
I've just magically gotten this virus onto my computer and I'm fairly scared. I have no idea what it can do, but Avast can't delete it.
It has infected explorer.exe and wininit.exe.
RSIT log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Honza at 2010-12-01 20:20:30
Microsoft Windows 7 Professional
System drive C: has 498 GB (53%) free of 943 GB
Total RAM: 8183 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:20:39, on 1.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\FlashGet Network\FlashGet 3\Flashget3.exe
C:\Program Files (x86)\AIM\aim.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\trend micro\Honza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Honza\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [FlashGet 3] "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12201 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" view=DOCKVIEW
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"taskhost.exe"
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\Flashget3.exe" -minimize
"C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe" -service
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1756
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e5cbc60b-2b28-4b4f-a177-3b5c746b6c93 -SystemEventPortName:HostProcess-77a2ce00-0fcf-419e-9ff5-63a71ca9ce06 -IoCancelEventPortName:HostProcess-2ba88e6a-60d2-4826-a98b-c23fd514cc8e -NonStateChangingEventPortName:HostProcess-82a08de8-af92-4100-8b2d-3a13725408b9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:66695027-116d-486e-a6d2-1fc5ab159a23
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" -- "http://www.facebook.com/photo.php?pid=2 ... 4525794230"
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Honza\AppData\Local\Google\Chrome\Application\7.0.517.44\gcswf32.dll" --lang=cs --plugin-data-dir="C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default" --channel=3968.071C284C.114229687 /prefetch:4
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe" /SILENT
SndVol.exe -r 65275038 0 {0.0.0.00000000}.{6723c43e-7779-4163-a3da-5f2f580fb4e6}
"C:\Program Files (x86)\Winamp\winamp.exe"
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_6/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/ --channel=3968.07165900.429235743 /prefetch:3
"C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_6/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/ --channel=3968.08621600.1783878798 /prefetch:3
"C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Users\Honza\Downloads\RSITx64.exe"
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 034C69E3-AE16-4749-5CB1-71856C51C081 -Reinvoke
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1529831411-2451317978-2118409538-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1529831411-2451317978-2118409538-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\Honza\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2010-05-11 144944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 444752]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-06-27 16327712]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-09-30 1685048]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"FlashGet 3"=C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe [2010-05-11 2385456]
"Skype"=C:\Program Files (x86)\Skype\\Phone\Skype.exe [2010-09-02 13351304]
"Google Update"=C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 136176]
"Aim"=C:\Program Files (x86)\AIM\aim.exe [2010-10-13 4258136]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-06-29 600936]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2009-06-18 563736]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2010-09-24 421160]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2010-07-12 74752]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="SDLoader.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 months======
2010-12-01 20:20:31 ----D---- C:\Program Files\trend micro
2010-12-01 19:37:42 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-12-01 19:37:42 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2010-12-01 19:16:55 ----D---- C:\Program Files (x86)\PCSX2 0.9.7
2010-11-28 01:27:39 ----D---- C:\Users\Honza\AppData\Roaming\acccore
2010-11-28 01:27:35 ----D---- C:\ProgramData\AIM
2010-11-28 01:27:33 ----D---- C:\Program Files (x86)\AIM
2010-11-21 15:58:59 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-11-21 15:58:59 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-11-21 15:58:59 ----A---- C:\Windows\SYSWOW64\java.exe
2010-11-17 00:32:13 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2010-11-17 00:32:13 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2010-11-17 00:32:13 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
======List of files/folders modified in the last 1 months======
2010-12-01 20:20:36 ----D---- C:\Windows\Temp
2010-12-01 20:20:31 ----RD---- C:\Program Files
2010-12-01 19:37:42 ----RD---- C:\Program Files (x86)
2010-12-01 19:37:42 ----HD---- C:\ProgramData
2010-12-01 19:32:57 ----D---- C:\Hry
2010-12-01 19:32:50 ----D---- C:\Windows\SysWOW64
2010-12-01 19:32:50 ----D---- C:\windows
2010-12-01 19:24:53 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2010-12-01 19:20:51 ----D---- C:\Windows\SYSWOW64\directx
2010-12-01 19:20:47 ----HD---- C:\Windows\msdownld.tmp
2010-12-01 19:20:34 ----SHD---- C:\Windows\Installer
2010-12-01 16:04:12 ----D---- C:\Users\Honza\AppData\Roaming\skypePM
2010-12-01 15:32:59 ----D---- C:\Windows\system32\config
2010-12-01 15:30:32 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2010-12-01 15:23:47 ----D---- C:\Windows\System32
2010-12-01 15:23:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-30 20:01:53 ----D---- C:\Windows\Prefetch
2010-11-30 15:10:11 ----SHD---- C:\System Volume Information
2010-11-29 21:11:20 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2010-11-28 01:27:33 ----D---- C:\Program Files (x86)\Common Files
2010-11-28 00:27:00 ----D---- C:\ProgramData\PDFC
2010-11-27 22:48:00 ----D---- C:\Users\Honza\AppData\Roaming\ICQ
2010-11-25 21:03:09 ----D---- C:\Users\Honza\AppData\Roaming\Audacity
2010-11-25 00:10:45 ----D---- C:\Program Files\Internet Explorer
2010-11-25 00:10:45 ----D---- C:\Program Files (x86)\Internet Explorer
2010-11-25 00:10:44 ----D---- C:\Windows\winsxs
2010-11-24 15:07:13 ----D---- C:\Windows\system32\catroot
2010-11-23 20:16:33 ----D---- C:\Downloads
2010-11-23 15:07:41 ----D---- C:\Windows\system32\catroot2
2010-11-21 15:58:53 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2010-11-21 11:36:09 ----D---- C:\Program Files (x86)\Java
2010-11-18 22:56:04 ----D---- C:\Windows\debug
2010-11-17 00:32:29 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2010-11-17 00:32:21 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-11-16 15:51:56 ----AD---- C:\Program Files (x86)\Silkroad
2010-11-10 23:53:52 ----D---- C:\ProgramData\Microsoft Help
2010-11-10 23:52:01 ----A---- C:\Windows\system32\MRT.exe
2010-11-10 17:52:17 ----D---- C:\Program Files (x86)\ICQ7.2
2010-11-03 23:45:52 ----D---- C:\Users\Honza\AppData\Roaming\BITS
2010-11-02 15:06:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-18 834544]
R0 Tpkd;Tpkd; C:\Windows\system32\drivers\Tpkd.sys [2009-12-23 105592]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-05-16 307400]
R1 mfetdik;McAfee Inc. mfetdik; C:\Windows\system32\drivers\mfetdik.sys [2009-05-16 71240]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-10-11 33344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-06-26 1790752]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-08-23 34032]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 35112]
S3 a5xu0ehk;a5xu0ehk; C:\Windows\system32\drivers\a5xu0ehk.sys []
S3 dump_wmimmc;dump_wmimmc; \??\C:\Program Files\Games-Masters.com\CABAL Online (EU)\GameGuard\dump_wmimmc.sys []
S3 FlashUSB;FlashUSB; C:\Windows\system32\DRIVERS\FlashUSB_x64.sys [2009-05-12 20480]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-08-23 13352]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\plugins\UI\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-08-23 27176]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\Windows\system32\drivers\MfeAVFK.sys [2009-05-16 102600]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\Windows\system32\drivers\MfeRKDK.sys [2009-05-16 40904]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-04 4682]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-19 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-19 27136]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-19 33792]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-09-24 125440]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-27 382496]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-06-18 635416]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-11-29 75136]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-06-28 173352]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 932640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-05-01 229944]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2010-05-03 3658096]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-06 1255736]
-----------------EOF-----------------
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-04 4682]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-19 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-19 27136]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-19 33792]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-09-24 125440]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-27 382496]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-06-18 635416]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-11-29 75136]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-06-28 173352]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 932640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-05-01 229944]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2010-05-03 3658096]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-06 1255736]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119428
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Win32:Bamital-AO
Run a scan with AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Post the log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Win32:Bamital-AO
After an hour of scanning it threw an error and closed the program... I'll do the scan tomorrow.
- Rudy
- Site Admin
Re: Win32:Bamital-AO
Try it in safe mode.
Re: Win32:Bamital-AO
The scan appears to be running; I'm writing from school. Only the virus has hidden my taskbar and desktop icons... + how do I select safe mode at boot?
Re: Win32:Bamital-AO
It ran normally for a while and then Explorer threw an error and closed.
Automatická kontrola: selhání (události: 16, objekty: 0, čas: Neznámý)
1.12.2010 22:56:09 Chyba zpracování C:\Hry\Adobe After Effects CS4\Setup_AECS4\ADBEAFETCS4_LS7.7z/Adobe CS4/payloads/AdobeAfterEffects9All/AdobeAfterEffects9All1.cab Chyba čtení
1.12.2010 22:34:07 Chyba zpracování C:\Downloads\Silkroad.rar Chyba čtení
1.12.2010 22:33:39 Chyba zpracování C:\Downloads\Data Map.rar Chyba čtení
1.12.2010 22:26:16 Neošetřeno: Trojan.Win32.Vapsup.znj C:\Documents and Settings\Honza\Downloads\SroXZ_Files_+_Loader.rar/Silkroad/C19H28O2.dll Zápis není podporován
1.12.2010 22:26:16 Zjištěno: Trojan.Win32.Vapsup.znj C:\Documents and Settings\Honza\Downloads\SroXZ_Files_+_Loader.rar/Silkroad/C19H28O2.dll
1.12.2010 22:26:07 Neošetřeno: Trojan.Win32.Vapsup.yya C:\Documents and Settings\Honza\Downloads\SroXZ_Files_+_Loader.rar/Silkroad/Loader.exe Zápis není podporován
1.12.2010 22:26:07 Zjištěno: Trojan.Win32.Vapsup.yya C:\Documents and Settings\Honza\Downloads\SroXZ_Files_+_Loader.rar/Silkroad/Loader.exe
1.12.2010 22:24:46 Neošetřeno: Trojan.Win32.Vapsup.yya C:\Documents and Settings\Honza\Downloads\SeaShadow (Updated By LastThief).zip/SeaShadow (Updated By LastThief)/Tools/Loader.rar/Loader/Loader.exe Zápis není podporován
1.12.2010 22:24:46 Zjištěno: Trojan.Win32.Vapsup.yya C:\Documents and Settings\Honza\Downloads\SeaShadow (Updated By LastThief).zip/SeaShadow (Updated By LastThief)/Tools/Loader.rar/Loader/Loader.exe
1.12.2010 22:24:45 Neošetřeno: Trojan.Win32.Vapsup.znj C:\Documents and Settings\Honza\Downloads\SeaShadow (Updated By LastThief).zip/SeaShadow (Updated By LastThief)/Tools/Loader.rar/Loader/C19H28O2.dll Zápis není podporován
1.12.2010 22:24:45 Zjištěno: Trojan.Win32.Vapsup.znj C:\Documents and Settings\Honza\Downloads\SeaShadow (Updated By LastThief).zip/SeaShadow (Updated By LastThief)/Tools/Loader.rar/Loader/C19H28O2.dll
1.12.2010 22:17:43 Odstraněno: Trojan-PSW.Win32.Agent.pke C:\Documents and Settings\Honza\Downloads\Mombot CoD4 Public.zip/CoD 4.exe
1.12.2010 22:17:28 Zjištěno: Trojan-PSW.Win32.Agent.pke C:\Documents and Settings\Honza\Downloads\Mombot CoD4 Public.zip/CoD 4.exe
1.12.2010 21:37:50 Odstraněno: Trojan.Win32.Swisyn.apom C:\Program Files (x86)\Capcom\lost planet 2\Launcher.exe
1.12.2010 21:37:34 Zjištěno: Trojan.Win32.Swisyn.apom C:\Program Files (x86)\Capcom\lost planet 2\Launcher.exe
1.12.2010 21:31:50 Úloha byla spuštěna
Automatická kontrola: zastaveno před 2 min. (události: 38, objekty: 799887, čas: 07:46:30)
2.12.2010 15:37:00 Úloha byla zastavena
2.12.2010 9:58:19 Dezinfikováno: Trojan.Win32.Patched.kl C:\windows\SysWOW64\wininit.exe
2.12.2010 9:58:19 Dezinfikováno: Trojan.Win32.Patched.kl C:\windows\SysWOW64\wininit.exe
2.12.2010 9:58:19 Zjištěno: Trojan.Win32.Patched.kl C:\windows\SysWOW64\wininit.exe
2.12.2010 9:58:06 Zjištěno: Trojan-PSW.Win32.Dybalom.dhd C:\windows\SysWOW64\iexplore.exe
2.12.2010 9:05:11 Odstraněno: Trojan-Dropper.Win32.Renum.dgw C:\Program Files (x86)\iSilkroad\SROKing\Launcher.exe
2.12.2010 9:05:06 Zjištěno: Trojan-Dropper.Win32.Renum.dgw C:\Program Files (x86)\iSilkroad\SROKing\Launcher.exe
2.12.2010 9:02:33 Odstraněno: Trojan.Win32.Genome.htrl C:\Program Files (x86)\EA GAMES\Need for Speed Most Wanted\reloaded.exe
2.12.2010 9:02:33 Zjištěno: Trojan.Win32.Genome.htrl C:\Program Files (x86)\EA GAMES\Need for Speed Most Wanted\reloaded.exe
2.12.2010 8:58:28 Odstraněno: Trojan.Win32.Swizzor.wdl C:\Program Files (x86)\Aspyr\Star Wars The Force Unleashed\Star Wars The Force Unleashed v1.0 + 9 Trainer.exe
2.12.2010 8:58:19 Zjištěno: Trojan.Win32.Swizzor.wdl C:\Program Files (x86)\Aspyr\Star Wars The Force Unleashed\Star Wars The Force Unleashed v1.0 + 9 Trainer.exe/data0077.res/PE_Patch.PECompact/PecBundle/PECompact
2.12.2010 8:50:28 Odstraněno: Trojan-Spy.Win32.Ardamax.jhb C:\Program Files (x86)\Activision\Prototype\Prototype +5 Trainer.exe
2.12.2010 8:50:27 Zjištěno: Trojan-Spy.Win32.Ardamax.jhb C:\Program Files (x86)\Activision\Prototype\Prototype +5 Trainer.exe
2.12.2010 8:46:58 Odstraněno: Trojan-PSW.Win32.Agent.tyl C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\oh my gosh!\CoD4Bot Hack Folder\Public cod4bot v2.1.exe
2.12.2010 8:46:54 Odstraněno: Trojan.Win32.Genome.dyly C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\oh my gosh!\sounds.dll
2.12.2010 8:46:50 Odstraněno: Trojan.Win32.Genome.awcf C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\oh my gosh!\h3heV3.dll
2.12.2010 8:46:46 Zjištěno: Trojan-PSW.Win32.Agent.tyl C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\oh my gosh!\CoD4Bot Hack Folder\Public cod4bot v2.1.exe
2.12.2010 8:46:46 Odstraněno: VirTool.Win32.StealthInjector.f C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\oh my gosh!\DCInjector.exe
2.12.2010 8:46:46 Zjištěno: Trojan.Win32.Genome.dyly C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\oh my gosh!\sounds.dll
2.12.2010 8:46:42 Zjištěno: Trojan.Win32.Genome.awcf C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\oh my gosh!\h3heV3.dll
2.12.2010 8:46:42 Odstraněno: Trojan-PSW.Win32.Agent.sid C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\oh my gosh!\COD4.exe
2.12.2010 8:46:37 Zjištěno: VirTool.Win32.StealthInjector.f C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\oh my gosh!\DCInjector.exe
2.12.2010 8:46:37 Zjištěno: Trojan-PSW.Win32.Agent.sid C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\oh my gosh!\COD4.exe/UPX
2.12.2010 8:46:36 Odstraněno: Trojan-PSW.Win32.Agent.pke C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\oh my gosh!\CoD 4.exe
2.12.2010 8:46:36 Zjištěno: Trojan-PSW.Win32.Agent.pke C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\oh my gosh!\CoD 4.exe
2.12.2010 8:38:43 Odstraněno: Trojan-PSW.Win32.Delf.ery C:\Hry\WoW 3.3.3\WoWPorty2.exe
2.12.2010 8:38:39 Zjištěno: Trojan-PSW.Win32.Delf.ery C:\Hry\WoW 3.3.3\WoWPorty2.exe
2.12.2010 8:38:04 Neošetřeno: Trojan-Downloader.Win32.Agent.frs C:\Hry\World of Warcraft - Burning Crusade\[cheat-project.com] PiroX BG Bot v7.2.4 2007-12-16.rar/PiroX B0t/pirox.exe Zápis není podporován
2.12.2010 8:38:04 Zjištěno: Trojan-Downloader.Win32.Agent.frs C:\Hry\World of Warcraft - Burning Crusade\[cheat-project.com] PiroX BG Bot v7.2.4 2007-12-16.rar/PiroX B0t/pirox.exe
2.12.2010 8:37:56 Odstraněno: Trojan.Win32.Vapsup.znj C:\Hry\Silkroad Server\C19H28O2.dll
2.12.2010 8:37:47 Neošetřeno: Trojan.Win32.Vapsup.yya C:\Hry\Silkroad Server\Tools\Loader.rar/Loader/Loader.exe Zápis není podporován
2.12.2010 8:37:47 Zjištěno: Trojan.Win32.Vapsup.yya C:\Hry\Silkroad Server\Tools\Loader.rar/Loader/Loader.exe
2.12.2010 8:37:46 Neošetřeno: Trojan.Win32.Vapsup.znj C:\Hry\Silkroad Server\Tools\Loader.rar/Loader/C19H28O2.dll Zápis není podporován
2.12.2010 8:37:46 Zjištěno: Trojan.Win32.Vapsup.znj C:\Hry\Silkroad Server\Tools\Loader.rar/Loader/C19H28O2.dll
2.12.2010 8:37:45 Zjištěno: Trojan.Win32.Vapsup.znj C:\Hry\Silkroad Server\C19H28O2.dll
2.12.2010 8:37:32 Odstraněno: Trojan.Win32.Vapsup.yya C:\Hry\Silkroad Server\Loader.exe
2.12.2010 8:37:31 Zjištěno: Trojan.Win32.Vapsup.yya C:\Hry\Silkroad Server\Loader.exe
2.12.2010 7:50:30 Úloha byla spuštěna
Dezinfikovat aktivní hrozby: spuštěno (události: 3, objekty: 3249, čas: 00:02:14)
2.12.2010 15:36:59 Úloha byla spuštěna
2.12.2010 15:37:01 Zjištěno: Trojan-PSW.Win32.Dybalom.dhd C:\windows\SysWOW64\iexplore.exe
2.12.2010 15:37:08 Odstraněno: Trojan-PSW.Win32.Dybalom.dhd C:\windows\SysWOW64\iexplore.exe
- Rudy
- Site Admin
Re: Win32:Bamital-AO
Some items were deleted, others disinfected. Has anything changed?
Re: Win32:Bamital-AO
After the computer starts, an error occurs in Explorer, which shuts down, so the taskbar + icons disappear. Avast blocks the named virus and reports some winlogon.exe. In safe mode it works without problems.
Re: Win32:Bamital-AO
A new attack, this time in a process called, I think, WarFolk.exe or something like that...
- Rudy
- Site Admin
Re: Win32:Bamital-AO
Let's also try this:
Download OTL: http://oldtimer.geekstogo.com/OTL.exe . Save it to the desktop, right-click it and choose "Run as administrator". Tick "for 64-bit system", "for all users", "LOP malware check" and "PURITY". Paste the following into the bottom window:
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
Click "Scan" and post the OTL.txt and Extras.txt logs.
Re: Win32:Bamital-AO
Here it is (OTL.txt), in 2 parts:
OTL logfile created on: 12/2/2010 7:08:31 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Honza\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
8.00 Gb Total Physical Memory | 7.00 Gb Available Physical Memory | 83.00% Memory free
16.00 Gb Paging File | 15.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.28 Gb Total Space | 529.02 Gb Free Space | 57.42% Space Free | Partition Type: NTFS
Drive D: | 8.22 Gb Total Space | 0.80 Gb Free Space | 9.71% Space Free | Partition Type: NTFS
Computer Name: HONZA-HP | User Name: Honza | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/12/02 19:03:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.exe
PRC - [2010/11/01 22:36:03 | 000,974,904 | ---- | M] (Google Inc.) -- C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe
========== Modules (SafeList) ==========
MOD - [2010/12/02 19:03:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.exe
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [Auto | Stopped] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Windows\SysNative\GameMon.des -- (npggsvc)
SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010/12/01 15:19:31 | 003,020,376 | ---- | M] () [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_5632d69.dll -- (Akamai)
SRV - [2010/11/29 21:11:20 | 000,075,136 | ---- | M] () [Auto | Stopped] -- C:\windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/06/28 08:20:30 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/05/03 18:01:00 | 003,658,096 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/03/28 15:47:30 | 000,246,520 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/18 18:29:12 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Stopped] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/07/24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/01/05 04:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\npptNT2.sys -- (NPPTNT2)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Games-Masters.com\CABAL Online (EU)\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV:64bit: - [2010/10/11 19:57:27 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010/09/07 15:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/08/23 20:11:47 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2010/08/23 20:11:29 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2010/08/23 20:11:29 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2010/05/18 17:59:16 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/03/11 10:17:14 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/22 18:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/16 03:15:14 | 000,307,400 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009/05/16 03:15:14 | 000,102,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\mfeavfk.sys -- (MfeAVFK)
DRV:64bit: - [2009/05/16 03:15:14 | 000,071,240 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\SysNative\drivers\mfetdik.sys -- (mfetdik)
DRV:64bit: - [2009/05/16 03:15:14 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\mferkdk.sys -- (MfeRKDK)
DRV:64bit: - [2009/05/12 14:53:12 | 000,020,480 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\FlashUSB_x64.sys -- (FlashUSB)
DRV:64bit: - [2008/11/19 16:09:14 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008/11/19 16:09:12 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008/11/19 16:09:12 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV - [2009/05/12 14:53:12 | 000,020,480 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\windows\SysWOW64\drivers\FlashUsb_x64.sys -- (FlashUSB)
DRV - [2005/01/04 10:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: quickstores@quickstores.de:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.4&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/02 15:06:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/28 01:27:33 | 000,000,000 | ---D | M]
[2010/04/20 15:39:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Extensions
[2010/11/30 22:39:49 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\extensions
[2010/06/16 05:36:50 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010/09/17 13:12:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/05/14 22:51:06 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\extensions\DivXWebPlayer@divx.com
[2010/10/04 14:02:34 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\extensions\staged-xpis
[2010/11/27 15:10:19 | 000,000,950 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\searchplugins\icqplugin-1.xml
[2010/07/25 18:02:30 | 000,000,950 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\searchplugins\icqplugin-2.xml
[2010/09/09 06:50:25 | 000,000,950 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\searchplugins\icqplugin-3.xml
[2010/09/17 13:11:19 | 000,000,950 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\searchplugins\icqplugin-4.xml
[2010/10/22 13:26:49 | 000,000,950 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\searchplugins\icqplugin-5.xml
[2010/05/12 17:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\searchplugins\icqplugin.xml
[2010/11/30 22:39:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/20 15:59:15 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/06/03 17:38:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/22 11:07:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/21 15:59:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/06/13 14:42:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de
[2010/11/21 15:58:53 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
[2010/07/25 18:02:25 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010/07/25 18:02:25 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010/07/25 18:02:25 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010/07/25 18:02:25 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010/07/25 18:02:25 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\windows\SysNative\drivers\etc\hosts
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Honza\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001..\Run: [FlashGet 3] C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe (Trend Media Corporation Limited)
O4 - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: Download all by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Download by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Stahnout FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (SDLoader.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6a6778af-e27c-11df-8029-40618632eda4}\Shell - "" = AutoRun
O33 - MountPoints2\{6a6778af-e27c-11df-8029-40618632eda4}\Shell\AutoRun\command - "" = L:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{cf569b04-76bd-11df-8c0c-40618632eda4}\Shell - "" = AutoRun
O33 - MountPoints2\{cf569b04-76bd-11df-8c0c-40618632eda4}\Shell\AutoRun\command - "" = L:\USBAutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: AppMgmt - C:\windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
OTL logfile created on: 12/2/2010 7:08:31 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Honza\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
8.00 Gb Total Physical Memory | 7.00 Gb Available Physical Memory | 83.00% Memory free
16.00 Gb Paging File | 15.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: quickstores@quickstores.de:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.4&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/02 15:06:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/28 01:27:33 | 000,000,000 | ---D | M]
[2010/04/20 15:39:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Extensions
[2010/11/30 22:39:49 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\extensions
[2010/06/16 05:36:50 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010/09/17 13:12:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/05/14 22:51:06 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\extensions\DivXWebPlayer@divx.com
[2010/10/04 14:02:34 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\extensions\staged-xpis
[2010/11/27 15:10:19 | 000,000,950 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\searchplugins\icqplugin-1.xml
[2010/07/25 18:02:30 | 000,000,950 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\searchplugins\icqplugin-2.xml
[2010/09/09 06:50:25 | 000,000,950 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\searchplugins\icqplugin-3.xml
[2010/09/17 13:11:19 | 000,000,950 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\searchplugins\icqplugin-4.xml
[2010/10/22 13:26:49 | 000,000,950 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\searchplugins\icqplugin-5.xml
[2010/05/12 17:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\db7f9z2c.default\searchplugins\icqplugin.xml
[2010/11/30 22:39:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/20 15:59:15 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/06/03 17:38:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/22 11:07:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/21 15:59:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/06/13 14:42:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de
[2010/11/21 15:58:53 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
[2010/07/25 18:02:25 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010/07/25 18:02:25 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010/07/25 18:02:25 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010/07/25 18:02:25 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010/07/25 18:02:25 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\windows\SysNative\drivers\etc\hosts
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Honza\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001..\Run: [FlashGet 3] C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe (Trend Media Corporation Limited)
O4 - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1529831411-2451317978-2118409538-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: Download all by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Download by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Stahnout FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (SDLoader.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6a6778af-e27c-11df-8029-40618632eda4}\Shell - "" = AutoRun
O33 - MountPoints2\{6a6778af-e27c-11df-8029-40618632eda4}\Shell\AutoRun\command - "" = L:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{cf569b04-76bd-11df-8c0c-40618632eda4}\Shell - "" = AutoRun
O33 - MountPoints2\{cf569b04-76bd-11df-8c0c-40618632eda4}\Shell\AutoRun\command - "" = L:\USBAutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: AppMgmt - C:\windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Re: Win32:Bamital-AO
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2010/12/02 19:03:29 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.exe
[2010/12/01 21:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/12/01 20:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/12/01 19:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/12/01 19:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010/12/01 19:21:35 | 000,000,000 | ---D | C] -- C:\Users\Honza\Documents\PCSX2
[2010/12/01 19:21:18 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\PCSX2
[2010/12/01 19:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 0.9.7
[2010/11/28 01:27:39 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\acccore
[2010/11/28 01:27:38 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\AIM
[2010/11/28 01:27:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2010/11/28 01:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2010/11/28 01:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIM
[2010/11/28 01:27:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AOL
[2010/11/21 15:59:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/11/21 15:58:59 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/11/21 15:58:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/11/21 15:58:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/11/17 00:32:13 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010/11/17 00:32:13 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010/11/17 00:32:13 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010/11/12 15:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2010/11/10 16:37:34 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\Activision
[2010/11/03 17:01:53 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\HYL
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/12/02 19:05:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/02 19:05:07 | 2140,491,775 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/02 19:03:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.exe
[2010/12/02 19:02:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1529831411-2451317978-2118409538-1001UA.job
[2010/12/02 18:59:59 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/02 18:59:59 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/02 18:58:49 | 005,360,626 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010/12/02 18:58:49 | 002,240,018 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/02 18:58:49 | 001,717,574 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010/12/02 18:58:49 | 001,656,862 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/02 18:58:49 | 000,005,218 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/02 16:15:09 | 000,000,214 | -HS- | M] () -- C:\Windows\setup_9.0.0.722_01.12.2010_22-19drv.spi
[2010/12/01 23:04:35 | 000,269,032 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/12/01 23:04:35 | 000,269,032 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/12/01 23:04:16 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2010/12/01 21:59:25 | 000,551,317 | ---- | M] () -- C:\Users\Honza\Desktop\Ondra- 11 let 002.jpg
[2010/12/01 19:37:48 | 000,001,280 | ---- | M] () -- C:\Users\Honza\Desktop\Spybot - Search & Destroy.lnk
[2010/12/01 19:16:57 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\PCSX2 0.9.7 (r3878).lnk
[2010/11/29 21:11:20 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/11/28 01:27:40 | 000,000,362 | -H-- | M] () -- C:\IPH.PH
[2010/11/28 01:27:35 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2010/11/21 15:58:53 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010/11/21 15:58:53 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/11/21 15:58:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/11/21 15:58:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/11/14 07:02:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1529831411-2451317978-2118409538-1001Core.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/12/02 16:15:09 | 000,000,214 | -HS- | C] () -- C:\Windows\setup_9.0.0.722_01.12.2010_22-19drv.spi
[2010/12/01 21:58:50 | 000,551,317 | ---- | C] () -- C:\Users\Honza\Desktop\Ondra- 11 let 002.jpg
[2010/12/01 19:37:48 | 000,001,280 | ---- | C] () -- C:\Users\Honza\Desktop\Spybot - Search & Destroy.lnk
[2010/12/01 19:16:57 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\PCSX2 0.9.7 (r3878).lnk
[2010/11/28 01:27:35 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2010/11/28 01:27:25 | 000,000,362 | -H-- | C] () -- C:\IPH.PH
[2010/11/02 21:33:58 | 000,001,437 | ---- | C] () -- C:\Users\Honza\odysea.txt
[2010/10/14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/08/24 09:33:14 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2010/08/24 09:33:14 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2010/08/24 09:23:07 | 000,221,291 | ---- | C] () -- C:\Windows\Imei_dll.dll
[2010/08/24 09:23:07 | 000,040,960 | ---- | C] () -- C:\Windows\Sublock.dll
[2010/07/09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010/07/02 00:17:17 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010/06/25 19:07:51 | 000,053,248 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\chrtmp
[2010/06/22 19:29:11 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini
[2010/06/19 15:09:24 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010/06/15 19:38:41 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/06/13 08:56:47 | 000,013,312 | ---- | C] () -- C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/10 15:30:34 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\np_plugin.dll
[2010/05/30 20:00:48 | 000,000,000 | ---- | C] () -- C:\ProgramData\driverinfo.txt
[2010/05/05 11:02:19 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2009/09/30 00:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/07/23 17:50:52 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/07/23 17:46:38 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
========== LOP Check ==========
[2010/11/28 01:28:14 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\acccore
[2010/10/03 00:04:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Acoustica
[2010/09/08 15:43:47 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Allstar
[2010/10/02 19:20:26 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Antares
[2010/11/25 21:03:09 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Audacity
[2010/12/01 23:23:43 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\BITS
[2010/05/19 19:20:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
[2010/06/18 14:44:53 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Facebook
[2010/06/15 19:37:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FlashGet
[2010/06/15 19:37:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FlashGetBHO
[2010/07/02 11:16:53 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Hardcore
[2010/11/27 22:48:00 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ICQ
[2010/07/02 11:12:46 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Juce VST Host
[2010/06/13 10:48:32 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\LG Electronics
[2010/09/01 19:06:10 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\LolClient
[2010/07/02 10:38:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\MAGIX
[2010/05/22 17:20:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\My Battle for Middle-earth II Files
[2010/08/22 18:01:52 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Opera
[2010/10/02 19:30:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\PACE Anti-Piracy
[2010/07/08 23:14:13 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Publish Providers
[2010/06/25 13:34:55 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\QuickStoresToolbar
[2010/10/17 13:30:54 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Rainmeter
[2010/07/02 11:13:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sawer
[2010/07/09 21:43:03 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sony
[2010/10/17 14:12:57 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Stardock
[2010/06/29 18:26:32 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TeamViewer
[2010/07/05 13:27:07 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ubisoft
[2010/05/08 10:12:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\uTorrent
[2010/09/10 16:41:50 | 000,032,534 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"HPADVISOR" = C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW -- [2009/09/30 00:26:44 | 001,685,048 | ---- | M] (Hewlett-Packard)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010/04/01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"FlashGet 3" = "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize -- [2010/05/11 08:36:18 | 002,385,456 | ---- | M] (Trend Media Corporation Limited)
"Skype" = "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2010/09/02 14:15:04 | 013,351,304 | R--- | M] (Skype Technologies S.A.)
"Google Update" = "C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010/09/29 16:52:48 | 000,136,176 | ---- | M] (Google Inc.)
"Aim" = "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US -- [2010/10/13 00:11:42 | 004,258,136 | ---- | M] (AOL Inc.)
"SpybotSD TeaTimer" = C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe -- [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited)
< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010/11/28 01:28:14 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\acccore
[2010/10/03 00:04:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Acoustica
[2010/08/08 21:08:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Adobe
[2010/06/22 19:29:19 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ahead
[2010/09/08 15:43:47 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Allstar
[2010/10/02 19:20:26 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Antares
[2010/05/14 13:15:55 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Apple Computer
[2010/11/25 21:03:09 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Audacity
[2010/12/01 23:23:43 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\BITS
[2010/05/19 19:20:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
[2010/07/02 10:24:34 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DivX
[2010/06/18 14:44:53 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Facebook
[2010/06/15 19:37:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FlashGet
[2010/06/15 19:37:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FlashGetBHO
[2010/07/12 18:17:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GRETECH
[2010/10/11 20:24:28 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Hamachi
[2010/07/02 11:16:53 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Hardcore
[2010/04/27 13:45:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Hewlett-Packard
[2010/11/27 22:48:00 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ICQ
[2010/04/20 15:33:43 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Identities
[2010/06/13 10:46:43 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\InstallShield
[2010/07/02 11:12:46 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Juce VST Host
[2010/06/13 10:48:32 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\LG Electronics
[2010/09/01 19:06:10 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\LolClient
[2010/04/20 17:05:45 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Macromedia
[2010/07/02 10:38:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\MAGIX
[2009/07/14 08:45:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Media Center Programs
[2010/10/29 02:11:00 | 000,000,000 | --SD | M] -- C:\Users\Honza\AppData\Roaming\Microsoft
[2010/04/20 15:39:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla
[2010/05/22 17:20:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\My Battle for Middle-earth II Files
[2010/08/22 18:01:52 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Opera
[2010/10/02 19:30:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\PACE Anti-Piracy
[2010/07/08 23:14:13 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Publish Providers
[2010/06/25 13:34:55 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\QuickStoresToolbar
[2010/10/17 13:30:54 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Rainmeter
[2010/07/02 11:13:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sawer
[2010/04/23 14:01:11 | 000,000,000 | RH-D | M] -- C:\Users\Honza\AppData\Roaming\SecuROM
[2010/12/02 19:04:05 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Skype
[2010/12/02 18:53:48 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\skypePM
[2010/07/09 21:43:03 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sony
[2010/10/17 14:12:57 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Stardock
[2010/06/29 18:26:32 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TeamViewer
[2010/07/05 13:27:07 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ubisoft
[2010/05/08 10:12:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\uTorrent
[2010/10/24 15:55:10 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Winamp
[2010/04/20 17:53:54 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\WinRAR
[2010/10/04 22:05:19 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Xfire
< %APPDATA%\*.exe /s >
[2010/06/18 14:44:53 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Honza\AppData\Roaming\Facebook\uninstall.exe
[2010/06/13 10:50:57 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\ARPPRODUCTICON.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\ExeInvoker.exe_431B2BA896014E69B34114BFD8E7B136.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\ExeLauncher.exe_5933C76ED597469A944A1DFEB496348C.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\ExeRemover.exe_5C5473BE36444FA89D0788993908FE0F.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\InstallUSB.exe_0912055C2AF14064B183AEB6F12A2FCB.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\InstallUSB64.exe_9C05A9D45C0842CF949276F7724FAEC9.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\InstallUSB9x.exe_F776472D82DA4AFDAFD0AAF1CF858DF7.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\UninstallShld.exe_DC44F1F136264642BD94B64FFC464DD7.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\UninstallShld64.ex_A20ACFB15A794B1C9E6A3DFBB9D252B8.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\UninstallShld9x.ex_8E637EE98DAB4D9CB1D54202EAD617F4.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\UninstallUSB.exe_CC88D403E3234E61A79375366C5599C5.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\UninstallUSB64.exe_135957F0A3F84224B026EA24C7F4E26D.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\UninstallUSB9x.exe_001C2C6090FF48C495F16AE3FD1ED9C9.exe
[2009/06/04 12:51:24 | 001,413,256 | R--- | M] () -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Templates\L\USBAutoRun.exe
[2009/05/12 07:46:36 | 000,212,992 | R--- | M] () -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Templates\L\tools\LGSetCDROMAutoRun.exe
[2010/06/13 14:42:48 | 000,704,248 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\QuickStoresToolbar\unins000.exe
[2010/03/03 14:00:50 | 000,045,304 | ---- | M] (Andreas Breitschopp - Softwareentwicklung und -vertrieb) -- C:\Users\Honza\AppData\Roaming\QuickStoresToolbar\Update.exe
< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\windows\SysWOW64\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\windows\SysWOW64\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009/07/14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\windows\SysWOW64\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\windows\SysWOW64\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\windows\SysWOW64\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\windows\SysWOW64\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=8EF0DF654A5D49F40018464F37CC061D -- C:\windows\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
< MD5 for: IASTOR.SYS >
[2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\swsetup\Drivers\MSD\Intel\IaStor.sys
[2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_7fb62b08f6b7117a\iaStor.sys
[2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastor.inf_amd64_neutral_c065a1006c648409\iaStor.sys
< MD5 for: IASTORV.SYS >
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
< MD5 for: LSASS.EXE >
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
< MD5 for: NDIS.SYS >
[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
< MD5 for: SMSS.EXE >
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\windows\SysWOW64\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\windows\SysWOW64\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2009/07/14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\windows\SysWOW64\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\windows\SysWOW64\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010/11/29 21:11:20 | 000,075,136 | ---- | M] () -- C:\windows\SysWOW64\PnkBstrA.exe
[2010/12/01 23:04:16 | 000,103,736 | ---- | M] () -- C:\windows\SysWOW64\PnkBstrB.ex0
[2010/12/01 23:04:35 | 000,269,032 | ---- | M] () -- C:\windows\SysWOW64\PnkBstrB.exe
[2010/12/01 23:04:35 | 000,269,032 | ---- | M] () -- C:\windows\SysWOW64\PnkBstrB.xtr
[2010/12/02 09:58:19 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWOW64\wininit.exe
< End of report >
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2010/12/02 19:03:29 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.exe
[2010/12/01 21:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/12/01 20:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/12/01 19:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/12/01 19:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010/12/01 19:21:35 | 000,000,000 | ---D | C] -- C:\Users\Honza\Documents\PCSX2
[2010/12/01 19:21:18 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\PCSX2
[2010/12/01 19:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 0.9.7
[2010/11/28 01:27:39 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\acccore
[2010/11/28 01:27:38 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\AIM
[2010/11/28 01:27:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2010/11/28 01:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2010/11/28 01:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIM
[2010/11/28 01:27:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AOL
[2010/11/21 15:59:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/11/21 15:58:59 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/11/21 15:58:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/11/21 15:58:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/11/17 00:32:13 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010/11/17 00:32:13 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010/11/17 00:32:13 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010/11/12 15:38:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2010/11/10 16:37:34 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\Activision
[2010/11/03 17:01:53 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\HYL
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/12/02 19:05:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/02 19:05:07 | 2140,491,775 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/02 19:03:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.exe
[2010/12/02 19:02:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1529831411-2451317978-2118409538-1001UA.job
[2010/12/02 18:59:59 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/02 18:59:59 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/02 18:58:49 | 005,360,626 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010/12/02 18:58:49 | 002,240,018 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/02 18:58:49 | 001,717,574 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010/12/02 18:58:49 | 001,656,862 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/02 18:58:49 | 000,005,218 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/02 16:15:09 | 000,000,214 | -HS- | M] () -- C:\Windows\setup_9.0.0.722_01.12.2010_22-19drv.spi
[2010/12/01 23:04:35 | 000,269,032 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/12/01 23:04:35 | 000,269,032 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/12/01 23:04:16 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2010/12/01 21:59:25 | 000,551,317 | ---- | M] () -- C:\Users\Honza\Desktop\Ondra- 11 let 002.jpg
[2010/12/01 19:37:48 | 000,001,280 | ---- | M] () -- C:\Users\Honza\Desktop\Spybot - Search & Destroy.lnk
[2010/12/01 19:16:57 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\PCSX2 0.9.7 (r3878).lnk
[2010/11/29 21:11:20 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/11/28 01:27:40 | 000,000,362 | -H-- | M] () -- C:\IPH.PH
[2010/11/28 01:27:35 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2010/11/21 15:58:53 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010/11/21 15:58:53 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/11/21 15:58:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/11/21 15:58:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/11/14 07:02:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1529831411-2451317978-2118409538-1001Core.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/12/02 16:15:09 | 000,000,214 | -HS- | C] () -- C:\Windows\setup_9.0.0.722_01.12.2010_22-19drv.spi
[2010/12/01 21:58:50 | 000,551,317 | ---- | C] () -- C:\Users\Honza\Desktop\Ondra- 11 let 002.jpg
[2010/12/01 19:37:48 | 000,001,280 | ---- | C] () -- C:\Users\Honza\Desktop\Spybot - Search & Destroy.lnk
[2010/12/01 19:16:57 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\PCSX2 0.9.7 (r3878).lnk
[2010/11/28 01:27:35 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2010/11/28 01:27:25 | 000,000,362 | -H-- | C] () -- C:\IPH.PH
[2010/11/02 21:33:58 | 000,001,437 | ---- | C] () -- C:\Users\Honza\odysea.txt
[2010/10/14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/08/24 09:33:14 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2010/08/24 09:33:14 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2010/08/24 09:23:07 | 000,221,291 | ---- | C] () -- C:\Windows\Imei_dll.dll
[2010/08/24 09:23:07 | 000,040,960 | ---- | C] () -- C:\Windows\Sublock.dll
[2010/07/09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010/07/02 00:17:17 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010/06/25 19:07:51 | 000,053,248 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\chrtmp
[2010/06/22 19:29:11 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini
[2010/06/19 15:09:24 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010/06/15 19:38:41 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/06/13 08:56:47 | 000,013,312 | ---- | C] () -- C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/10 15:30:34 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\np_plugin.dll
[2010/05/30 20:00:48 | 000,000,000 | ---- | C] () -- C:\ProgramData\driverinfo.txt
[2010/05/05 11:02:19 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2009/09/30 00:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/07/23 17:50:52 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/07/23 17:46:38 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
========== LOP Check ==========
[2010/11/28 01:28:14 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\acccore
[2010/10/03 00:04:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Acoustica
[2010/09/08 15:43:47 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Allstar
[2010/10/02 19:20:26 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Antares
[2010/11/25 21:03:09 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Audacity
[2010/12/01 23:23:43 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\BITS
[2010/05/19 19:20:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
[2010/06/18 14:44:53 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Facebook
[2010/06/15 19:37:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FlashGet
[2010/06/15 19:37:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FlashGetBHO
[2010/07/02 11:16:53 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Hardcore
[2010/11/27 22:48:00 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ICQ
[2010/07/02 11:12:46 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Juce VST Host
[2010/06/13 10:48:32 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\LG Electronics
[2010/09/01 19:06:10 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\LolClient
[2010/07/02 10:38:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\MAGIX
[2010/05/22 17:20:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\My Battle for Middle-earth II Files
[2010/08/22 18:01:52 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Opera
[2010/10/02 19:30:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\PACE Anti-Piracy
[2010/07/08 23:14:13 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Publish Providers
[2010/06/25 13:34:55 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\QuickStoresToolbar
[2010/10/17 13:30:54 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Rainmeter
[2010/07/02 11:13:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sawer
[2010/07/09 21:43:03 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sony
[2010/10/17 14:12:57 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Stardock
[2010/06/29 18:26:32 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TeamViewer
[2010/07/05 13:27:07 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ubisoft
[2010/05/08 10:12:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\uTorrent
[2010/09/10 16:41:50 | 000,032,534 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"HPADVISOR" = C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW -- [2009/09/30 00:26:44 | 001,685,048 | ---- | M] (Hewlett-Packard)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010/04/01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"FlashGet 3" = "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize -- [2010/05/11 08:36:18 | 002,385,456 | ---- | M] (Trend Media Corporation Limited)
"Skype" = "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2010/09/02 14:15:04 | 013,351,304 | R--- | M] (Skype Technologies S.A.)
"Google Update" = "C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010/09/29 16:52:48 | 000,136,176 | ---- | M] (Google Inc.)
"Aim" = "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US -- [2010/10/13 00:11:42 | 004,258,136 | ---- | M] (AOL Inc.)
"SpybotSD TeaTimer" = C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe -- [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited)
< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010/11/28 01:28:14 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\acccore
[2010/10/03 00:04:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Acoustica
[2010/08/08 21:08:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Adobe
[2010/06/22 19:29:19 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ahead
[2010/09/08 15:43:47 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Allstar
[2010/10/02 19:20:26 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Antares
[2010/05/14 13:15:55 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Apple Computer
[2010/11/25 21:03:09 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Audacity
[2010/12/01 23:23:43 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\BITS
[2010/05/19 19:20:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
[2010/07/02 10:24:34 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DivX
[2010/06/18 14:44:53 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Facebook
[2010/06/15 19:37:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FlashGet
[2010/06/15 19:37:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FlashGetBHO
[2010/07/12 18:17:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GRETECH
[2010/10/11 20:24:28 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Hamachi
[2010/07/02 11:16:53 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Hardcore
[2010/04/27 13:45:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Hewlett-Packard
[2010/11/27 22:48:00 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ICQ
[2010/04/20 15:33:43 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Identities
[2010/06/13 10:46:43 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\InstallShield
[2010/07/02 11:12:46 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Juce VST Host
[2010/06/13 10:48:32 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\LG Electronics
[2010/09/01 19:06:10 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\LolClient
[2010/04/20 17:05:45 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Macromedia
[2010/07/02 10:38:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\MAGIX
[2009/07/14 08:45:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Media Center Programs
[2010/10/29 02:11:00 | 000,000,000 | --SD | M] -- C:\Users\Honza\AppData\Roaming\Microsoft
[2010/04/20 15:39:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla
[2010/05/22 17:20:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\My Battle for Middle-earth II Files
[2010/08/22 18:01:52 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Opera
[2010/10/02 19:30:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\PACE Anti-Piracy
[2010/07/08 23:14:13 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Publish Providers
[2010/06/25 13:34:55 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\QuickStoresToolbar
[2010/10/17 13:30:54 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Rainmeter
[2010/07/02 11:13:30 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sawer
[2010/04/23 14:01:11 | 000,000,000 | RH-D | M] -- C:\Users\Honza\AppData\Roaming\SecuROM
[2010/12/02 19:04:05 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Skype
[2010/12/02 18:53:48 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\skypePM
[2010/07/09 21:43:03 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sony
[2010/10/17 14:12:57 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Stardock
[2010/06/29 18:26:32 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TeamViewer
[2010/07/05 13:27:07 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ubisoft
[2010/05/08 10:12:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\uTorrent
[2010/10/24 15:55:10 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Winamp
[2010/04/20 17:53:54 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\WinRAR
[2010/10/04 22:05:19 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Xfire
< %APPDATA%\*.exe /s >
[2010/06/18 14:44:53 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Honza\AppData\Roaming\Facebook\uninstall.exe
[2010/06/13 10:50:57 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\ARPPRODUCTICON.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\ExeInvoker.exe_431B2BA896014E69B34114BFD8E7B136.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\ExeLauncher.exe_5933C76ED597469A944A1DFEB496348C.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\ExeRemover.exe_5C5473BE36444FA89D0788993908FE0F.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\InstallUSB.exe_0912055C2AF14064B183AEB6F12A2FCB.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\InstallUSB64.exe_9C05A9D45C0842CF949276F7724FAEC9.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\InstallUSB9x.exe_F776472D82DA4AFDAFD0AAF1CF858DF7.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\UninstallShld.exe_DC44F1F136264642BD94B64FFC464DD7.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\UninstallShld64.ex_A20ACFB15A794B1C9E6A3DFBB9D252B8.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\UninstallShld9x.ex_8E637EE98DAB4D9CB1D54202EAD617F4.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\UninstallUSB.exe_CC88D403E3234E61A79375366C5599C5.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\UninstallUSB64.exe_135957F0A3F84224B026EA24C7F4E26D.exe
[2010/06/13 10:50:57 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}\UninstallUSB9x.exe_001C2C6090FF48C495F16AE3FD1ED9C9.exe
[2009/06/04 12:51:24 | 001,413,256 | R--- | M] () -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Templates\L\USBAutoRun.exe
[2009/05/12 07:46:36 | 000,212,992 | R--- | M] () -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Templates\L\tools\LGSetCDROMAutoRun.exe
[2010/06/13 14:42:48 | 000,704,248 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\QuickStoresToolbar\unins000.exe
[2010/03/03 14:00:50 | 000,045,304 | ---- | M] (Andreas Breitschopp - Softwareentwicklung und -vertrieb) -- C:\Users\Honza\AppData\Roaming\QuickStoresToolbar\Update.exe
< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\windows\SysWOW64\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\windows\SysWOW64\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009/07/14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\windows\SysWOW64\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\windows\SysWOW64\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\windows\SysWOW64\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\windows\SysWOW64\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=8EF0DF654A5D49F40018464F37CC061D -- C:\windows\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
< MD5 for: IASTOR.SYS >
[2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\swsetup\Drivers\MSD\Intel\IaStor.sys
[2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_7fb62b08f6b7117a\iaStor.sys
[2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastor.inf_amd64_neutral_c065a1006c648409\iaStor.sys
< MD5 for: IASTORV.SYS >
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
< MD5 for: LSASS.EXE >
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
< MD5 for: NDIS.SYS >
[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
< MD5 for: SMSS.EXE >
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\windows\SysWOW64\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\windows\SysWOW64\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2009/07/14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\windows\SysWOW64\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\windows\SysWOW64\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010/11/29 21:11:20 | 000,075,136 | ---- | M] () -- C:\windows\SysWOW64\PnkBstrA.exe
[2010/12/01 23:04:16 | 000,103,736 | ---- | M] () -- C:\windows\SysWOW64\PnkBstrB.ex0
[2010/12/01 23:04:35 | 000,269,032 | ---- | M] () -- C:\windows\SysWOW64\PnkBstrB.exe
[2010/12/01 23:04:35 | 000,269,032 | ---- | M] () -- C:\windows\SysWOW64\PnkBstrB.xtr
[2010/12/02 09:58:19 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWOW64\wininit.exe
< End of report >
Re: Win32:Bamital-AO
Extras.txt:
OTL Extras logfile created on: 12/2/2010 7:08:31 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Honza\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
8.00 Gb Total Physical Memory | 7.00 Gb Available Physical Memory | 83.00% Memory free
16.00 Gb Paging File | 15.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.28 Gb Total Space | 529.02 Gb Free Space | 57.42% Space Free | Partition Type: NTFS
Drive D: | 8.22 Gb Total Space | 0.80 Gb Free Space | 9.71% Space Free | Partition Type: NTFS
Computer Name: HONZA-HP | User Name: Honza | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1529831411-2451317978-2118409538-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"81AE60DDD229A248055515E311406D86F7E4012A" = Balíček ovladače systému Windows - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"Speccy" = Speccy
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{18E65799-76BD-46EF-9E53-972FE5A40736}" = Opera 10.62
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1E6219D4-027E-47EE-AB83-DD2F26E31A32}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2C3CE8F0-F4AD-4D54-A520-975309C617E2}" = LG PC Suite III
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R)
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{415807D5-45E8-4635-A5A9-C81000008400}" = BLAZBLUE -CALAMITY TRIGGER-
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{737369DC-08E8-4787-A78C-F86943247BDF}" = LOST PLANET 2
"{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}" = HP Support Assistant
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = The Settlers 7 - Paths to a Kingdom
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AF145F8997B44EE9B106D018EF1DB58B}" = DivX Converter Mobile
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{CADDE354-C78C-46CB-A006-E2B178EFC271}" = Rise Of Legends
"{CE6557BF-FA56-4C95-91E3-B8C641679DF0}" = Windows Live Messenger
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D6A1D7F6-79CB-4159-AF03-F21F28080B97}" = Windows Live Toolbar
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DBECFA83-42DC-4585-A970-A764AB01A956}" = Call Of Duty(R) 2
"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
"{E426CEC1-35C5-42BF-913E-6EF8F1211D01}" = Overlord II
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFF74EC9-1FF4-4456-99E3-4F05129F4FAB}" = Antares Auto-Tune Evo VST
"AC Tool" = AC Tool
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 4.1" = Acoustica Mixcraft 4.1
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_7" = AIM 7
"Akamai" = Akamai NetSession Interface
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"avast5" = avast! Free Antivirus
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"FlashGet 3.5" = FlashGet 3.5
"FormatFactory" = FormatFactory 2.30
"GameParkClient_is1" = GamePark
"Garena" = Garena 2010
"GFWL_{415807D5-45E8-4635-A5A9-C81000008400}" = BLAZBLUE -CALAMITY TRIGGER-
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"GOM Player" = GOM Player
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"HL2" = Horké léto 2 (odinstalovat)
"ICQToolbar" = ICQ Toolbar
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM)
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271}" = Rise Of Legends
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"League of Legends_is1" = League of Legends
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"pcsx2-r3878" = PCSX2 - Playstation 2 Emulator
"PDF Complete" = PDF Complete Special Edition
"PROHYBRIDR" = 2007 Microsoft Office system
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.0.0
"Rainmeter" = Rainmeter (remove only)
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"Silkroad" = Silkroad
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Star Wars: The Force Unleashed 2_is1" = Star Wars: The Force Unleashed 2
"Star Wars: The Force Unleashed_is1" = Star Wars: The Force Unleashed
"StarCraft II" = StarCraft II
"TeamViewer 5" = TeamViewer 5
"Update Service" = Update Service
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VST Bridge_is1" = VST Bridge 1.1
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft Beta" = World of Warcraft Beta
"Xfire" = Xfire (remove only)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1529831411-2451317978-2118409538-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
"World of Warcraft Trial" = World of Warcraft Trial
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
OTL Extras logfile created on: 12/2/2010 7:08:31 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Honza\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
8.00 Gb Total Physical Memory | 7.00 Gb Available Physical Memory | 83.00% Memory free
16.00 Gb Paging File | 15.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.28 Gb Total Space | 529.02 Gb Free Space | 57.42% Space Free | Partition Type: NTFS
Drive D: | 8.22 Gb Total Space | 0.80 Gb Free Space | 9.71% Space Free | Partition Type: NTFS
Computer Name: HONZA-HP | User Name: Honza | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1529831411-2451317978-2118409538-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"81AE60DDD229A248055515E311406D86F7E4012A" = Balíček ovladače systému Windows - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"Speccy" = Speccy
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{18E65799-76BD-46EF-9E53-972FE5A40736}" = Opera 10.62
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1E6219D4-027E-47EE-AB83-DD2F26E31A32}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2C3CE8F0-F4AD-4D54-A520-975309C617E2}" = LG PC Suite III
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R)
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{415807D5-45E8-4635-A5A9-C81000008400}" = BLAZBLUE -CALAMITY TRIGGER-
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{737369DC-08E8-4787-A78C-F86943247BDF}" = LOST PLANET 2
"{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}" = HP Support Assistant
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = The Settlers 7 - Paths to a Kingdom
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AF145F8997B44EE9B106D018EF1DB58B}" = DivX Converter Mobile
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{CADDE354-C78C-46CB-A006-E2B178EFC271}" = Rise Of Legends
"{CE6557BF-FA56-4C95-91E3-B8C641679DF0}" = Windows Live Messenger
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D6A1D7F6-79CB-4159-AF03-F21F28080B97}" = Windows Live Toolbar
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DBECFA83-42DC-4585-A970-A764AB01A956}" = Call Of Duty(R) 2
"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
"{E426CEC1-35C5-42BF-913E-6EF8F1211D01}" = Overlord II
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFF74EC9-1FF4-4456-99E3-4F05129F4FAB}" = Antares Auto-Tune Evo VST
"AC Tool" = AC Tool
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 4.1" = Acoustica Mixcraft 4.1
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_7" = AIM 7
"Akamai" = Akamai NetSession Interface
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"avast5" = avast! Free Antivirus
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"FlashGet 3.5" = FlashGet 3.5
"FormatFactory" = FormatFactory 2.30
"GameParkClient_is1" = GamePark
"Garena" = Garena 2010
"GFWL_{415807D5-45E8-4635-A5A9-C81000008400}" = BLAZBLUE -CALAMITY TRIGGER-
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"GOM Player" = GOM Player
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"HL2" = Horké léto 2 (odinstalovat)
"ICQToolbar" = ICQ Toolbar
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM)
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271}" = Rise Of Legends
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"League of Legends_is1" = League of Legends
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"pcsx2-r3878" = PCSX2 - Playstation 2 Emulator
"PDF Complete" = PDF Complete Special Edition
"PROHYBRIDR" = 2007 Microsoft Office system
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.0.0
"Rainmeter" = Rainmeter (remove only)
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"Silkroad" = Silkroad
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Star Wars: The Force Unleashed 2_is1" = Star Wars: The Force Unleashed 2
"Star Wars: The Force Unleashed_is1" = Star Wars: The Force Unleashed
"StarCraft II" = StarCraft II
"TeamViewer 5" = TeamViewer 5
"Update Service" = Update Service
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VST Bridge_is1" = VST Bridge 1.1
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft Beta" = World of Warcraft Beta
"Xfire" = Xfire (remove only)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1529831411-2451317978-2118409538-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
"World of Warcraft Trial" = World of Warcraft Trial
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
- Rudy
- Site Admin
- Posts: 119428
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Win32:Bamital-AO
Copy the following into the bottom window and click "Fix":
:OTL
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Program Files (x86)\Common Files\Akamai
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Win32:Bamital-AO
Done, this is what came up:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//about.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Exclude.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//LanguageSelection.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Message.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryCmd.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryNag.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyNotification.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//NOCLessUpdate.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//quarantine.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//ScanNow.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//strings.vbs/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Template.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Update.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//VirFound.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\*\ deleted successfully.
Invalid CLSID key: *
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\*\ not found.
Invalid CLSID key: *
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP588B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE34C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI567F.tmp moved successfully.
C:\WINDOWS\Installer\MSID388.tmp moved successfully.
C:\WINDOWS\Installer\MSIF650.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt2361.tmp moved successfully.
C:\Program Files (x86)\Common Files\Akamai\Logs folder moved successfully.
C:\Program Files (x86)\Common Files\Akamai\Cache\InSoft EDV-Systeme und Handelsgesellschaft mbH folder moved successfully.
C:\Program Files (x86)\Common Files\Akamai\Cache folder moved successfully.
C:\Program Files (x86)\Common Files\Akamai folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Honza
->Temp folder emptied: 805935 bytes
->Temporary Internet Files folder emptied: 1637178 bytes
->Java cache emptied: 9350659 bytes
->FireFox cache emptied: 46047303 bytes
->Google Chrome cache emptied: 13196666 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 6063 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 77208 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67978 bytes
RecycleBin emptied: 50372989792 bytes
Total Files Cleaned = 48,107.00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Honza
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.17.3 log created on 12022010_204114
Files\Folders moved on Reboot...
C:\Users\Honza\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...