Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

zřejmě FB vir

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
t0m4sb3r4n218
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 28 črc 2011 09:45

zřejmě FB vir

#1 Příspěvek od t0m4sb3r4n218 »

Zdravím, včera jsem si psal přes FB s kamarádkou (vím na 100% že to nebyl bot, znám jí osobně :-) ), ale posílali jsme si navzájem různé odkazy na videa na youtube. No a během toho mi můj eset smart security začal hlásit nějakou havěť, moc jsem si toho nevšímal, i po tom co mi to antivir nahlásil šlo video normálně spustit, takže jsem si myslel že to byl jen nějaký bordel který antivir zachytil a že je vše v pořádku. Pak se mi ale na ploše objevil zástupce McAfee Security Scan Plus. Bylo mi jasné, že to není žádný antivir a raději jsem s ním nic nedělal, nespouštěl, ani jsem se ho nesnažil odinstalovat. Jinak počítač funguje bez problémů ani jsem nezaznamenal žádné zpomalení nebo podobně. Přesto bych byl ale rád kdyby jste se pro jistotu podívali na můj log. Díky

A ještě navíc jsem udělal jednu věc, které se docela bojím. Jednou jsem youtube otevřel i na mobilu (Samsung Galaxy S, Android 2.2.1) a potom si z youtube přes PC stáhl do mobilu jedno video. Po tom co jsem si přečetl články o virech na youtube a FB jsem ho hned smazal. Bojím se, aby nezačal vir dělat nějaký bordel i tam, pokud tam teda nějaký je :-)

log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomáš at 2011-07-28 11:04:42
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 49 GB (32%) free of 153 GB
Total RAM: 4027 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:04:44, on 28.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\ICQ7.5\ICQ.exe
C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\AirGCFG.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Tomáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=centrum
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [WZCSLDR2] C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe
O4 - HKLM\..\Run: [AsioReg] REGSVR32 /S CTASIO.DLL
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tomáš\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2775828964-2842721151-1777855503-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2775828964-2842721151-1777855503-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Aktualizovat ESET licenci.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://D:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://D:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\Windows\system32\ANIWConnService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - http://www.BitComet.com - D:\Program Files (x86)\BitComet\tools\BitCometService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13209 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\ANIWConnService.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-01521a35-6975-4176-8a62-d2efe0b7392b -SystemEventPortName:HostProcess-c6fad880-2f1a-42a6-80d6-f9f787dc440a -IoCancelEventPortName:HostProcess-9f6532d8-9396-431d-8cd2-a76b247a0f12 -NonStateChangingEventPortName:HostProcess-f2918607-c4ec-4a72-81fe-c822e816cd5b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:390a9e69-a6c5-4c5f-b23f-27cbd55fe71c
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 1116
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4
"C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\AirGCFG.exe"
"C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe"
"C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
"C:\Windows\System32\rundll32.exe" P17RunE.dll,RunDLLEntry
"C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3500.131f1c20.971573709 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" "Mozilla.Firefox.5.0" -omnijar C:\Program Files (x86)\Mozilla Firefox\omni.jar 3500 \\.\pipe\gecko-crash-server-pipe.3500 plugin
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2775828964-2842721151-1777855503-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2775828964-2842721151-1777855503-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, toolbar@ask.com:3.11.3.15590, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.2.6&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@protectdisc.com/NPMPDRM]
"Description"=MPDRM License Acquisition Plugin
"Path"=C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIBitCometAgent.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\
toolbar@ask.com
{800b5000-a755-47e1-992b-48a1c1357f07}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - D:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-11-18 2919168]
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
"AsioThk32Reg"=C:\Windows\SYSWOW64\REGSVR32.EXE [2009-07-14 14848]
"DevconDefaultDB"=C:\Windows\system32\READREG /PSCONV={NO} /FAIL=1 []
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"=C:\Windows\system32\MIDIDef.exe [2005-08-03 35840]
"DevconDefaultDB"=C:\Windows\system32\READREG /SILENT /FAIL=1 []
"Google Update"=C:\Users\Tomáš\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-03 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"ICQ"=C:\Program Files (x86)\ICQ7.5\ICQ.exe [2011-07-24 124216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
CTHELPER.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2011-01-29 888120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2011-01-29 3372856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2009-11-09 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2010-12-25 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"D-Link D-Link Wireless G DWL-G122_DWA-110"=C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\AirGCFG.exe [2009-09-18 1708032]
"WZCSLDR2"=C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe []
"AsioReg"=REGSVR32 /S CTASIO.DLL []
"VolPanel"=C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2007-02-28 180224]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"ANIWZCS2Service"=C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2009-08-21 98304]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-03-13 75048]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-04-14 421160]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-05-17 395144]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizovat ESET licenci.lnk - C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-28 10:40:45 ----D---- C:\Program Files\trend micro
2011-07-28 10:40:44 ----D---- C:\rsit
2011-07-26 11:38:55 ----D---- C:\ProgramData\McAfee Security Scan
2011-07-26 11:38:55 ----D---- C:\ProgramData\McAfee
2011-07-26 11:38:52 ----D---- C:\Program Files (x86)\McAfee Security Scan
2011-07-26 11:38:51 ----D---- C:\ProgramData\YouTube Downloader
2011-07-26 11:38:48 ----D---- C:\Program Files (x86)\YouTube Downloader
2011-07-25 17:12:54 ----D---- C:\Python32
2011-07-24 23:46:45 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2011-07-24 23:46:41 ----D---- C:\ProgramData\ICQ
2011-07-24 23:46:24 ----D---- C:\Program Files (x86)\ICQ7.5
2011-07-24 21:51:38 ----D---- C:\Users\Tomáš\AppData\Roaming\Winamp
2011-07-24 21:51:38 ----D---- C:\Program Files (x86)\Winamp
2011-07-24 21:42:53 ----D---- C:\Program Files (x86)\piPOol
2011-07-16 19:36:12 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-07-16 19:36:12 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 13:08:13 ----A---- C:\Windows\system32\win32k.sys
2011-07-16 13:08:08 ----A---- C:\Windows\system32\wow64win.dll
2011-07-16 13:08:08 ----A---- C:\Windows\system32\kernel32.dll
2011-07-16 13:08:08 ----A---- C:\Windows\system32\conhost.exe
2011-07-16 13:08:07 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-07-16 13:08:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-07-16 13:08:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-07-16 13:08:07 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-07-16 13:08:07 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-07-16 13:08:07 ----A---- C:\Windows\system32\wow64cpu.dll
2011-07-16 13:08:07 ----A---- C:\Windows\system32\wow64.dll
2011-07-16 13:08:07 ----A---- C:\Windows\system32\winsrv.dll
2011-07-16 13:08:07 ----A---- C:\Windows\system32\ntvdm64.dll
2011-07-16 13:08:05 ----A---- C:\Windows\SYSWOW64\user.exe
2011-07-01 14:25:41 ----D---- C:\Downloads
2011-06-29 14:57:22 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2011-06-29 14:57:22 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2011-06-29 14:57:22 ----A---- C:\Windows\SYSWOW64\devobj.dll
2011-06-29 14:57:22 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-06-29 14:57:22 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 14:57:21 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 14:57:21 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 14:57:20 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-06-29 14:57:20 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-06-29 14:57:20 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 14:57:20 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 14:57:19 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-06-29 14:57:19 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-06-29 14:57:19 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-06-29 14:57:19 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-06-29 14:57:19 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 14:57:19 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 14:57:19 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 14:57:19 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 14:57:18 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-06-29 14:57:18 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-06-29 14:57:18 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-06-29 14:57:18 ----A---- C:\Windows\system32\msscntrs.dll

======List of files/folders modified in the last 1 month======

2011-07-28 11:04:43 ----D---- C:\Windows\Temp
2011-07-28 10:52:09 ----D---- C:\Windows\Prefetch
2011-07-28 10:52:08 ----D---- C:\Windows\system32\config
2011-07-28 10:52:05 ----SHD---- C:\Windows\Installer
2011-07-28 10:52:05 ----SHD---- C:\Config.Msi
2011-07-28 10:52:05 ----D---- C:\Program Files (x86)\Microsoft Office
2011-07-28 10:51:57 ----SHD---- C:\System Volume Information
2011-07-28 10:40:45 ----RD---- C:\Program Files
2011-07-28 10:10:45 ----D---- C:\ProgramData\NVIDIA
2011-07-26 21:27:43 ----D---- C:\Windows\System32
2011-07-26 21:27:43 ----D---- C:\Windows\inf
2011-07-26 21:27:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-26 11:38:55 ----HD---- C:\ProgramData
2011-07-26 11:38:52 ----RD---- C:\Program Files (x86)
2011-07-25 17:24:14 ----D---- C:\Users\Tomáš\AppData\Roaming\ICQ
2011-07-25 17:13:06 ----SD---- C:\Users\Tomáš\AppData\Roaming\Microsoft
2011-07-24 23:46:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-07-24 16:27:17 ----D---- C:\Users\Tomáš\AppData\Roaming\Skype
2011-07-24 16:02:57 ----D---- C:\Users\Tomáš\AppData\Roaming\skypePM
2011-07-24 15:45:33 ----D---- C:\Program Files (x86)\Opera
2011-07-18 18:12:11 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-07-17 15:58:15 ----D---- C:\Users\Tomáš\AppData\Roaming\BitComet
2011-07-17 10:37:28 ----D---- C:\Windows
2011-07-17 10:37:24 ----D---- C:\Windows\winsxs
2011-07-17 10:35:04 ----D---- C:\Windows\system32\drivers
2011-07-17 10:32:34 ----D---- C:\Windows\SysWOW64
2011-07-17 10:32:32 ----D---- C:\Windows\AppPatch
2011-07-17 10:32:31 ----D---- C:\Windows\system32\DriverStore
2011-07-16 23:29:58 ----A---- C:\Windows\system32\MRT.exe
2011-07-16 19:35:02 ----D---- C:\Windows\system32\catroot
2011-07-16 19:35:01 ----D---- C:\Windows\system32\catroot2
2011-07-01 08:27:06 ----D---- C:\Windows\system32\NDF
2011-06-30 13:18:00 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 anodlwf;ANOD Network Security Filter driver; C:\Windows\system32\DRIVERS\anodlwfx.sys [2009-03-06 15872]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-17 254528]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-11-09 91568]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-04-07 314016]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-09-03 170104]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-07-29 171152]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 50624]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-04-07 43680]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 33632]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-02-25 33344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-03-03 174184]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2007-04-05 1265152]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB64.sys [2009-06-10 1627520]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-02 187392]
S2 ANIO;ANIO Service; \??\c:\windows\SysWOW64\ANIO64.sys [2009-02-09 48640]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [2005-08-03 151552]
S3 COMMONFX.SYS;COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [2010-03-18 158808]
S3 COMMONFX;COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [2010-03-18 158808]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2005-08-03 573952]
S3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2005-08-03 738560]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [2005-08-03 695808]
S3 CTAUDFX.SYS;CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [2010-03-18 706648]
S3 CTAUDFX;CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [2010-03-18 706648]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [2005-08-03 208896]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [2005-08-03 316928]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [2005-08-03 169472]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [2005-08-03 356864]
S3 ctgame;Game Port; C:\Windows\system32\DRIVERS\ctgame.sys [2010-03-18 26328]
S3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2005-08-03 9728]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [2005-08-03 676864]
S3 CTSBLFX.SYS;CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [2010-03-18 681048]
S3 CTSBLFX;CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [2010-03-18 681048]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2005-08-03 284160]
S3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2005-08-03 130048]
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2005-08-03 1300480]
S3 kxwdmdrv;kX WDM Driver Service; C:\Windows\system32\drivers\kx.sys []
S3 netr28ux;D-Link dnetr28u USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\Dnetr28ux.sys [2009-08-05 987648]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2005-08-03 205824]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2010-12-21 125416]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2010-12-21 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2010-12-21 159208]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-12-21 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-12-21 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-12-21 172104]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-01-04 16392]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-02-18 51712]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\drivers\WinUSB.SYS [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ANIWConnService;ANIWConn Service; C:\Windows\syswow64\ANIWConnService.exe [2009-07-07 151552]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-11-18 810144]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 1012328]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-01-04 75136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 934176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; D:\Program Files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-11-18 42360]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-12-25 403240]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-25 1255736]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: zřejmě FB vir

#2 Příspěvek od vyosek »

Zdravim a pekny den preji :)

Kdyz mate ten ESS cracknuty, tak se nedivte, ze Vas neochrani...

Dle pravidel fora (viz zde a a zde bod c.3 ) se vsak nelegalnim SW nezabyvame, jelikoz nelegalni programy jsou vetsinou zdrojem haveti. Navic tim porusujete i autorska prava Obrázek, pachate trestny cin a ten jako takovy nebude nasim forem podporovan. Uvedomte si, ze jste na bezpecnostnim foru - podpora warezu (zvlaste bezpecnostnich programu) by byla zcela proti logice fora :!:

takze co ted s tim :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
t0m4sb3r4n218
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 28 črc 2011 09:45

Re: zřejmě FB vir

#3 Příspěvek od t0m4sb3r4n218 »

věděl jsem že to takhle dopadne :-( :D

já ale nechci abyste se zabývali mým antivirem, ale viry, které mám v počítači ;-)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: zřejmě FB vir

#4 Příspěvek od vyosek »

:arrow: Pokud tam nechame cracknuty antivir, tak tim podporujem porusovani legislativy...

:arrow: Pokud chcete pomoci, odinstalujte ESS, dejte free reseni v podobe Avastu, Aviry ci MSE

:arrow: Pote novy og z RSITu

:arrow: Stahnete na plochu CKScanner
  • Spustte a kliknete na Search for files
  • Po dokonceni skenu kliknete na Save List to File a nasledne OK
  • Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
t0m4sb3r4n218
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 28 črc 2011 09:45

Re: zřejmě FB vir

#5 Příspěvek od t0m4sb3r4n218 »

zdá se že nemám na výběr :D

RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomáš at 2011-07-28 12:12:01
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 49 GB (32%) free of 153 GB
Total RAM: 4027 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:12:02, on 28.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\AirGCFG.exe
C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Tomáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=centrum
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [WZCSLDR2] C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe
O4 - HKLM\..\Run: [AsioReg] REGSVR32 /S CTASIO.DLL
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tomáš\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2775828964-2842721151-1777855503-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2775828964-2842721151-1777855503-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://D:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://D:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\Windows\system32\ANIWConnService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - D:\Program Files (x86)\BitComet\tools\BitCometService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13333 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\WindowsMobile\wmdc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\SysWOW64\ANIWConnService.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe"
"C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\AirGCFG.exe"
"C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
"C:\Windows\System32\rundll32.exe" P17RunE.dll,RunDLLEntry
"C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ea1c77c7-cbd2-4f28-a5e6-f13c845332ca -SystemEventPortName:HostProcess-71732479-71cc-46b5-af85-b1fee7011e3e -IoCancelEventPortName:HostProcess-e394d16d-613a-4389-be9b-e142f383bce6 -NonStateChangingEventPortName:HostProcess-14f64fd8-9ddd-48d5-8c5d-269aefced055 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:223ef112-24a3-4ddc-a024-834a5b2c8633
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 2528
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\splwow64.exe 8192
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2775828964-2842721151-1777855503-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2775828964-2842721151-1777855503-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, toolbar@ask.com:3.11.3.15590, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.2.6&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@protectdisc.com/NPMPDRM]
"Description"=MPDRM License Acquisition Plugin
"Path"=C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIBitCometAgent.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\
toolbar@ask.com
{800b5000-a755-47e1-992b-48a1c1357f07}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-07-04 978496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - D:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-07-04 978496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
"AsioThk32Reg"=C:\Windows\SYSWOW64\REGSVR32.EXE [2009-07-14 14848]
"DevconDefaultDB"=C:\Windows\system32\READREG /PSCONV={NO} /FAIL=1 []
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"=C:\Windows\system32\MIDIDef.exe [2005-08-03 35840]
"DevconDefaultDB"=C:\Windows\system32\READREG /SILENT /FAIL=1 []
"Google Update"=C:\Users\Tomáš\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-03 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"ICQ"=C:\Program Files (x86)\ICQ7.5\ICQ.exe [2011-07-24 124216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
CTHELPER.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2011-01-29 888120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2011-01-29 3372856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2009-11-09 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2010-12-25 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"D-Link D-Link Wireless G DWL-G122_DWA-110"=C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\AirGCFG.exe [2009-09-18 1708032]
"WZCSLDR2"=C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe []
"AsioReg"=REGSVR32 /S CTASIO.DLL []
"VolPanel"=C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2007-02-28 180224]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"ANIWZCS2Service"=C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2009-08-21 98304]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-03-13 75048]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-04-14 421160]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-28 11:58:36 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-07-28 11:58:35 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-07-28 11:58:26 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-07-28 11:58:25 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-07-28 11:58:24 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-07-28 11:58:23 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-07-28 11:58:23 ----A---- C:\Windows\system32\aswBoot.exe
2011-07-28 11:58:10 ----A---- C:\Windows\avastSS.scr
2011-07-28 11:58:09 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-07-28 11:58:04 ----D---- C:\ProgramData\AVAST Software
2011-07-28 11:58:04 ----D---- C:\Program Files\AVAST Software
2011-07-28 10:40:45 ----D---- C:\Program Files\trend micro
2011-07-28 10:40:44 ----D---- C:\rsit
2011-07-26 11:38:55 ----D---- C:\ProgramData\McAfee Security Scan
2011-07-26 11:38:55 ----D---- C:\ProgramData\McAfee
2011-07-26 11:38:52 ----D---- C:\Program Files (x86)\McAfee Security Scan
2011-07-26 11:38:51 ----D---- C:\ProgramData\YouTube Downloader
2011-07-26 11:38:48 ----D---- C:\Program Files (x86)\YouTube Downloader
2011-07-25 17:12:54 ----D---- C:\Python32
2011-07-24 23:46:45 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2011-07-24 23:46:41 ----D---- C:\ProgramData\ICQ
2011-07-24 23:46:24 ----D---- C:\Program Files (x86)\ICQ7.5
2011-07-24 21:51:38 ----D---- C:\Users\Tomáš\AppData\Roaming\Winamp
2011-07-24 21:51:38 ----D---- C:\Program Files (x86)\Winamp
2011-07-24 21:42:53 ----D---- C:\Program Files (x86)\piPOol
2011-07-16 19:36:12 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-07-16 19:36:12 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 19:36:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 19:36:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 13:08:13 ----A---- C:\Windows\system32\win32k.sys
2011-07-16 13:08:08 ----A---- C:\Windows\system32\wow64win.dll
2011-07-16 13:08:08 ----A---- C:\Windows\system32\kernel32.dll
2011-07-16 13:08:08 ----A---- C:\Windows\system32\conhost.exe
2011-07-16 13:08:07 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-07-16 13:08:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-07-16 13:08:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-07-16 13:08:07 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-07-16 13:08:07 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-07-16 13:08:07 ----A---- C:\Windows\system32\wow64cpu.dll
2011-07-16 13:08:07 ----A---- C:\Windows\system32\wow64.dll
2011-07-16 13:08:07 ----A---- C:\Windows\system32\winsrv.dll
2011-07-16 13:08:07 ----A---- C:\Windows\system32\ntvdm64.dll
2011-07-16 13:08:05 ----A---- C:\Windows\SYSWOW64\user.exe
2011-07-01 14:25:41 ----D---- C:\Downloads
2011-06-29 14:57:22 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2011-06-29 14:57:22 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2011-06-29 14:57:22 ----A---- C:\Windows\SYSWOW64\devobj.dll
2011-06-29 14:57:22 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-06-29 14:57:22 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 14:57:21 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 14:57:21 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 14:57:20 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-06-29 14:57:20 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-06-29 14:57:20 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 14:57:20 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 14:57:19 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-06-29 14:57:19 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-06-29 14:57:19 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-06-29 14:57:19 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-06-29 14:57:19 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 14:57:19 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 14:57:19 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 14:57:19 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 14:57:18 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-06-29 14:57:18 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-06-29 14:57:18 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-06-29 14:57:18 ----A---- C:\Windows\system32\msscntrs.dll

======List of files/folders modified in the last 1 month======

2011-07-28 12:11:58 ----D---- C:\Windows\Temp
2011-07-28 12:04:38 ----D---- C:\Windows\system32\config
2011-07-28 12:03:04 ----D---- C:\Windows\Prefetch
2011-07-28 12:01:22 ----D---- C:\ProgramData\NVIDIA
2011-07-28 11:59:15 ----SHD---- C:\Windows\Installer
2011-07-28 11:59:09 ----SHD---- C:\Config.Msi
2011-07-28 11:59:08 ----RD---- C:\Program Files
2011-07-28 11:59:08 ----HD---- C:\ProgramData
2011-07-28 11:59:00 ----D---- C:\Windows\system32\DriverStore
2011-07-28 11:59:00 ----D---- C:\Windows\system32\catroot
2011-07-28 11:59:00 ----D---- C:\Windows\inf
2011-07-28 11:58:59 ----D---- C:\Windows\system32\drivers
2011-07-28 11:58:23 ----D---- C:\Windows\SysWOW64
2011-07-28 11:58:23 ----D---- C:\Windows\System32
2011-07-28 11:58:15 ----D---- C:\Program Files (x86)\ESET
2011-07-28 11:58:10 ----D---- C:\Windows
2011-07-28 11:58:01 ----SHD---- C:\System Volume Information
2011-07-28 10:52:05 ----D---- C:\Program Files (x86)\Microsoft Office
2011-07-26 21:27:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-26 11:38:52 ----RD---- C:\Program Files (x86)
2011-07-25 17:24:14 ----D---- C:\Users\Tomáš\AppData\Roaming\ICQ
2011-07-25 17:13:06 ----SD---- C:\Users\Tomáš\AppData\Roaming\Microsoft
2011-07-24 23:46:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-07-24 16:27:17 ----D---- C:\Users\Tomáš\AppData\Roaming\Skype
2011-07-24 16:02:57 ----D---- C:\Users\Tomáš\AppData\Roaming\skypePM
2011-07-24 15:45:33 ----D---- C:\Program Files (x86)\Opera
2011-07-18 18:12:11 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-07-17 15:58:15 ----D---- C:\Users\Tomáš\AppData\Roaming\BitComet
2011-07-17 10:37:24 ----D---- C:\Windows\winsxs
2011-07-17 10:32:32 ----D---- C:\Windows\AppPatch
2011-07-16 23:29:58 ----A---- C:\Windows\system32\MRT.exe
2011-07-16 19:35:01 ----D---- C:\Windows\system32\catroot2
2011-07-01 08:27:06 ----D---- C:\Windows\system32\NDF
2011-06-30 13:18:00 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 anodlwf;ANOD Network Security Filter driver; C:\Windows\system32\DRIVERS\anodlwfx.sys [2009-03-06 15872]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 31064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 600920]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 288088]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 45400]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-17 254528]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-11-09 91568]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 22360]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 64856]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-04-07 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-04-07 43680]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-02-25 33344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-03-03 174184]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2007-04-05 1265152]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB64.sys [2009-06-10 1627520]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-02 187392]
S2 ANIO;ANIO Service; \??\c:\windows\SysWOW64\ANIO64.sys [2009-02-09 48640]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [2005-08-03 151552]
S3 COMMONFX.SYS;COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [2010-03-18 158808]
S3 COMMONFX;COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [2010-03-18 158808]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2005-08-03 573952]
S3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2005-08-03 738560]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [2005-08-03 695808]
S3 CTAUDFX.SYS;CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [2010-03-18 706648]
S3 CTAUDFX;CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [2010-03-18 706648]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [2005-08-03 208896]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [2005-08-03 316928]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [2005-08-03 169472]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [2005-08-03 356864]
S3 ctgame;Game Port; C:\Windows\system32\DRIVERS\ctgame.sys [2010-03-18 26328]
S3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2005-08-03 9728]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [2005-08-03 676864]
S3 CTSBLFX.SYS;CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [2010-03-18 681048]
S3 CTSBLFX;CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [2010-03-18 681048]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2005-08-03 284160]
S3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2005-08-03 130048]
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2005-08-03 1300480]
S3 kxwdmdrv;kX WDM Driver Service; C:\Windows\system32\drivers\kx.sys []
S3 netr28ux;D-Link dnetr28u USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\Dnetr28ux.sys [2009-08-05 987648]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2005-08-03 205824]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2010-12-21 125416]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2010-12-21 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2010-12-21 159208]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-12-21 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-12-21 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-12-21 172104]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2011-01-04 16392]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-02-18 51712]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\drivers\WinUSB.SYS [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ANIWConnService;ANIWConn Service; C:\Windows\syswow64\ANIWConnService.exe [2009-07-07 151552]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 1012328]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-01-04 75136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 934176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; D:\Program Files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-12-25 403240]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-25 1255736]

-----------------EOF-----------------

CKScanner :

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11.GQLBID
----- EOF -----
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: zřejmě FB vir

#6 Příspěvek od vyosek »

:arrow: Na vyber mate, ja Vas k nicemu nenutil - mohl jste kliknout nahore na Odhlasit se a pomoci si jak umite

:arrow: Stahnete OTL (viz muj podpis) a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
t0m4sb3r4n218
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 28 črc 2011 09:45

Re: zřejmě FB vir

#7 Příspěvek od t0m4sb3r4n218 »

OTL : http://www.uloz.to/9812785/otl-txt

Extras :

OTL Extras logfile created on: 28.7.2011 12:40:32 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Downloads
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,93 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 61,38% Memory free
7,86 Gb Paging File | 6,27 Gb Available in Paging File | 79,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 47,37 Gb Free Space | 31,78% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 88,57 Gb Free Space | 29,71% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Tomáš | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-2775828964-2842721151-1777855503-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{34B2530C-6349-4292-9DC3-60BDA4AED93D}" = Python 3.2.1 (64-bit)
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 270.61
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.1.34
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"BlackHawk Web Browser_is1" = BlackHawk Web Browser
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{434D083E-7E9A-4D3A-914B-121000008100}" = Operation Flashpoint ®: Red River
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{53E2DCBB-E6F7-4C83-B1EF-F78435B9814E}" = Sound Blaster X-Fi Xtreme Audio
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5F753314-628E-4C13-B8AE-BFA7FD514CBE}" = D-Link Wireless G DWL-G122_DWA-110
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7AEBFFF0-15A1-48A9-88F3-06604486C7C9}" = WMPTagSupportExtender
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Afterburner" = MSI Afterburner 2.1.0
"AirConflictsSecretWars" = Air Conflicts Secret Wars
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"AudioConSole" = Creative Audio Console
"avast" = avast! Free Antivirus
"BitComet" = BitComet 1.27
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"DAEMON Tools Lite" = DAEMON Tools Lite
"Duke Nukem Forever_is1" = Duke Nukem Forever
"FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage
"Fraps" = Fraps
"GameParkClient_is1" = GamePark
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{434D083E-7E9A-4D3A-914B-121000008100}" = Operation Flashpoint ®: Red River
"Hamachi" = Hamachi 1.0.2.5
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"M4a/Flac/Ogg/Ape/Mpc Tag Support Plugin for Media Player_is1" = M4a/Flac/Ogg/Ape/Mpc Tag Support Plugin for Media Player v 1.1
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 5.0 (x86 cs)" = Mozilla Firefox 5.0 (x86 cs)
"NAVIGON Fresh" = NAVIGON Fresh 3.3.0
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 11.11.2109" = Opera 11.11
"PowerISO" = PowerISO
"SFBM" = SoundFont Bank Manager
"Vietcong" = Vietcong
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2775828964-2842721151-1777855503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26.6.2011 13:26:15 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Program BF2.exe verze 1.0.1.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: 300 Čas
spuštění: 01cc34231a40919f Čas ukončení: 394 Cesta k aplikaci: D:\Program Files\Electronic
Arts\Battlefield Bad Company 2\BF2.exe ID hlášení:

Error - 16.7.2011 10:39:21 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Program firefox.exe verze 5.0.0.4183 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
c94 Čas spuštění: 01cc43c60aaa77e9 Čas ukončení: 62 Cesta k aplikaci: C:\Program Files
(x86)\Mozilla Firefox\firefox.exe ID hlášení: 5c33a525-afb9-11e0-bcaa-6cf049771d0b


Error - 24.7.2011 8:25:25 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Skype.exe, verze: 5.0.0.156, časové razítko:
0x4cf901f4 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.17625, časové
razítko: 0x4de8781e Kód výjimky: 0xe0fafafa Posun chyby: 0x0000b9bc ID chybujícího
procesu: 0xca0 Čas spuštění chybující aplikace: 0x01cc49fcb0e2c424 Cesta k chybující
aplikaci: C:\Program Files (x86)\Skype\Phone\Skype.exe Cesta k chybujícímu modulu:
C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 018b4457-b5f0-11e0-9403-6cf049771d0b

Error - 25.7.2011 11:27:25 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Program ICQ.exe verze 7.5.0.5255 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
a08 Čas spuštění: 01cc4adee29b4724 Čas ukončení: 10 Cesta k aplikaci: C:\Program Files
(x86)\ICQ7.5\ICQ.exe ID hlášení:

Error - 26.7.2011 6:12:40 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: wmplayer.exe, verze: 12.0.7601.17514, časové
razítko: 0x4ce7a485 Název chybujícího modulu: CLFLVSplitter.ax, verze: 1.0.0.1201,
časové razítko: 0x4b148596 Kód výjimky: 0xc0000005 Posun chyby: 0x00008cfc ID chybujícího
procesu: 0x524 Čas spuštění chybující aplikace: 0x01cc4b7c8a793e50 Cesta k chybující
aplikaci: C:\Program Files (x86)\Windows Media Player\wmplayer.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\CLFLVSplitter.ax ID
zprávy: caf222b6-b76f-11e0-a714-6cf049771d0b

Error - 26.7.2011 11:31:19 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: RedFactionArmageddon.exe, verze: 0.0.0.0,
časové razítko: 0x4dc00839 Název chybujícího modulu: RedFactionArmageddon.exe, verze:
0.0.0.0, časové razítko: 0x4dc00839 Kód výjimky: 0xc0000005 Posun chyby: 0x0008decb
ID
chybujícího procesu: 0x139c Čas spuštění chybující aplikace: 0x01cc4ba90fb33c8a Cesta
k chybující aplikaci: D:\Program Files (x86)\Red Faction Armageddon\RedFactionArmageddon.exe
Cesta
k chybujícímu modulu: D:\Program Files (x86)\Red Faction Armageddon\RedFactionArmageddon.exe
ID
zprávy: 4ef3754c-b79c-11e0-a714-6cf049771d0b

Error - 26.7.2011 11:40:01 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: redfactionarmageddon_dx11.exe, verze: 0.0.0.0,
časové razítko: 0x4dc009a5 Název chybujícího modulu: redfactionarmageddon_dx11.exe,
verze: 0.0.0.0, časové razítko: 0x4dc009a5 Kód výjimky: 0xc0000005 Posun chyby: 0x000704b4
ID
chybujícího procesu: 0x13a4 Čas spuštění chybující aplikace: 0x01cc4baa27a15af8 Cesta
k chybující aplikaci: D:\Program Files (x86)\Red Faction Armageddon\redfactionarmageddon_dx11.exe
Cesta
k chybujícímu modulu: D:\Program Files (x86)\Red Faction Armageddon\redfactionarmageddon_dx11.exe
ID
zprávy: 85fb9c5f-b79d-11e0-a714-6cf049771d0b

Error - 27.7.2011 4:34:37 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: SHELL32.dll, verze: 6.1.7601.17514,
časové razítko: 0x4ce7c9a6 Kód výjimky: 0xc0000005 Posun chyby: 0x000000000009a749
ID
chybujícího procesu: 0x550 Čas spuštění chybující aplikace: 0x01cc4c238cb09e59 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: C:\Windows\system32\SHELL32.dll
ID
zprávy: 42f66fbc-b82b-11e0-a024-6cf049771d0b

Error - 28.7.2011 5:17:30 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Program ICQ.exe verze 7.5.0.5255 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
23c Čas spuštění: 01cc4cfeb82b7d9b Čas ukončení: 0 Cesta k aplikaci: C:\Program Files
(x86)\ICQ7.5\ICQ.exe ID hlášení:

Error - 28.7.2011 6:05:52 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Program CKScanner.exe verze 1.9.1.1 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
910 Čas spuštění: 01cc4d0db0bc4fac Čas ukončení: 0 Cesta k aplikaci: D:\Downloads\CKScanner.exe

ID
hlášení: 29c9ee23-b901-11e0-9189-6cf049771d0b

[ System Events ]
Error - 20.6.2011 12:58:33 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba ANIO Service neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 20.6.2011 16:13:21 | Computer Name = PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (22:11:30, ?20.?6.?2011) bylo neočekávané.

Error - 20.6.2011 16:13:28 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba ANIO Service neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 21.6.2011 8:34:19 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba ANIO Service neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 21.6.2011 9:16:30 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba ANIO Service neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 21.6.2011 10:07:22 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba ANIO Service neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 21.6.2011 11:58:10 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba ANIO Service neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 22.6.2011 11:16:38 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba ANIO Service neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 23.6.2011 9:47:28 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba ANIO Service neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 24.6.2011 7:24:07 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba ANIO Service neuspěla při spuštění v důsledku následující chyby:
%%577


< End of report >
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: zřejmě FB vir

#8 Příspěvek od vyosek »

OTL sem tez prosim vlozte, rozdelte jej do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
t0m4sb3r4n218
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 28 črc 2011 09:45

Re: zřejmě FB vir

#9 Příspěvek od t0m4sb3r4n218 »

no dobrá :-)

OTL logfile created on: 28.7.2011 12:40:32 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Downloads
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,93 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 61,38% Memory free
7,86 Gb Paging File | 6,27 Gb Available in Paging File | 79,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 47,37 Gb Free Space | 31,78% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 88,57 Gb Free Space | 29,71% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Tomáš | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.07.28 12:38:10 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe
PRC - [2011.07.04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.06.26 17:24:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.04.07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011.01.04 14:23:03 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.09.02 22:18:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
PRC - [2010.03.13 12:58:58 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010.02.03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009.09.18 18:02:30 | 001,708,032 | ---- | M] (D-Link Corp.) -- C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\AirGCFG.exe
PRC - [2009.08.21 10:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\Windows\SysWOW64\ANIWConnService.exe
PRC - [2007.02.28 18:50:50 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe


========== Modules (SafeList) ==========

MOD - [2011.07.28 12:38:10 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe
MOD - [2011.07.04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.04.07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.01.04 14:23:03 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.12.28 10:00:34 | 001,296,728 | ---- | M] (http://www.BitComet.com) [On_Demand | Stopped] -- D:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010.12.25 21:24:12 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.09.02 22:18:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ANIWConnService.exe -- (ANIWConnService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.07.04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.04.07 09:07:00 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.04.07 09:06:59 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.03 17:59:18 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.02.25 20:26:55 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2011.02.18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.02.17 21:36:35 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.01.04 17:11:16 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.12.21 07:55:02 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010.12.21 07:55:02 | 000,159,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2010.12.21 07:55:02 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010.12.21 07:55:02 | 000,125,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2010.12.21 07:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010.12.21 07:55:02 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010.12.21 07:55:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.03.18 21:51:00 | 000,026,328 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctgame.sys -- (ctgame)
DRV:64bit: - [2010.03.18 21:40:02 | 000,681,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTSBLFX.sys -- (CTSBLFX.SYS)
DRV:64bit: - [2010.03.18 21:40:02 | 000,681,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTSBLFX.sys -- (CTSBLFX)
DRV:64bit: - [2010.03.18 21:39:54 | 000,706,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTAUDFX.sys -- (CTAUDFX.SYS)
DRV:64bit: - [2010.03.18 21:39:54 | 000,706,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTAUDFX.sys -- (CTAUDFX)
DRV:64bit: - [2010.03.18 21:39:44 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\COMMONFX.sys -- (COMMONFX.SYS)
DRV:64bit: - [2010.03.18 21:39:44 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\COMMONFX.sys -- (COMMONFX)
DRV:64bit: - [2009.08.05 22:59:48 | 000,987,648 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dnetr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:32:37 | 001,627,520 | ---- | M] (NXP Semiconductors) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ph3xIB64.sys -- (Ph3xIB64)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.06 19:10:10 | 000,015,872 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\anodlwfx.sys -- (anodlwf)
DRV:64bit: - [2009.03.02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2007.04.05 04:40:36 | 001,265,152 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P17.sys -- (P17)
DRV:64bit: - [2005.08.03 19:37:58 | 000,676,864 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ctsblfx.dll -- (CTSBLFX.DLL)
DRV:64bit: - [2005.08.03 19:37:56 | 000,695,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ctaudfx.dll -- (CTAUDFX.DLL)
DRV:64bit: - [2005.08.03 19:37:56 | 000,208,896 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV:64bit: - [2005.08.03 19:37:54 | 000,356,864 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV:64bit: - [2005.08.03 19:37:54 | 000,151,552 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\commonfx.dll -- (COMMONFX.DLL)
DRV:64bit: - [2005.08.03 19:37:52 | 000,316,928 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV:64bit: - [2005.08.03 19:37:52 | 000,169,472 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV:64bit: - [2005.08.03 19:37:50 | 000,738,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2005.08.03 19:37:50 | 000,009,728 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2005.08.03 19:37:40 | 001,300,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV:64bit: - [2005.08.03 19:37:38 | 000,205,824 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2005.08.03 19:37:36 | 000,284,160 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2005.08.03 19:37:34 | 000,130,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2005.08.03 19:37:32 | 000,573,952 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV - [2011.01.04 17:11:16 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2010.03.13 12:58:52 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/05/08 11:49:20] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2009.02.09 19:36:00 | 000,048,640 | ---- | M] () [Kernel | Auto | Stopped] -- c:\Windows\SysWOW64\ANIO64.sys -- (ANIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=centrum
IE - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.2.6&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tomáš\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tomáš\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.07.28 11:58:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.26 17:24:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.06.19 19:15:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2010.12.24 22:17:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Extensions
[2011.07.25 14:50:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions
[2011.07.25 14:50:08 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.06.04 09:05:36 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2011.06.09 20:13:43 | 000,000,000 | ---D | M] ("Nero Toolbar") -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\searchplugins\icqplugin.xml
[2011.01.01 12:16:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.01.01 12:16:04 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.12.24 22:34:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.24 23:23:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) --
[2011.07.28 11:58:14 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
File not found (No name found) -- C:\USERS\TOMáš\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHHXV7P0.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\USERS\TOMáš\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHHXV7P0.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
[2011.06.26 17:24:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.15 14:20:18 | 001,034,544 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.05.07 12:14:23 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.05.07 12:14:23 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.12 15:24:10 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2011.05.07 12:14:23 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.05.07 12:14:23 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.05.07 12:14:24 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [AsioReg] C:\Windows\SysNative\CTASIO.DLL (Creative Technology Ltd)
O4:64bit: - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWOW64\ctasio.dll (Creative Technology Ltd)
O4:64bit: - HKLM..\Run: [DevconDefaultDB] C:\Windows\SysNative\READREG.exe (Creative Technology Limited)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AsioReg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\AirGCFG.exe (D-Link Corp.)
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [WZCSLDR2] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000..\Run: [DevconDefaultDB] C:\Windows\SysWow64\READREG.exe (Creative Technology Limited)
O4 - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000..\Run: [SetDefaultMIDI] File not found
O4 - HKU\S-1-5-21-2775828964-2842721151-1777855503-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-2775828964-2842721151-1777855503-1001..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Stáhnout odkaz s použitím BitCometu - D:\Program Files (x86)\BitComet\BitComet.exe (http://www.BitComet.com)
O8:64bit: - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - D:\Program Files (x86)\BitComet\BitComet.exe (http://www.BitComet.com)
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - D:\Program Files (x86)\BitComet\BitComet.exe (http://www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - D:\Program Files (x86)\BitComet\BitComet.exe (http://www.BitComet.com)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - D:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.16 08:50:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{f6327281-3aba-11e0-8ffd-6cf049771d0b}\Shell - "" = AutoRun
O33 - MountPoints2\{f6327281-3aba-11e0-8ffd-6cf049771d0b}\Shell\AutoRun\command - "" = J:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.RTV1 - rtvcvfw32.dll File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011.07.28 11:58:36 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.07.28 11:58:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.07.28 11:58:35 | 000,288,088 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.07.28 11:58:26 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.07.28 11:58:25 | 000,045,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.07.28 11:58:24 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.07.28 11:58:23 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.07.28 11:58:23 | 000,064,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.07.28 11:58:10 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.07.28 11:58:09 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.07.28 11:58:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011.07.28 11:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011.07.28 10:40:45 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.07.28 10:40:44 | 000,000,000 | ---D | C] -- C:\rsit
[2011.07.27 12:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011.07.26 11:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011.07.26 11:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011.07.26 11:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2011.07.26 11:38:51 | 000,000,000 | ---D | C] -- C:\ProgramData\YouTube Downloader
[2011.07.26 11:38:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader
[2011.07.26 11:38:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Downloader
[2011.07.25 17:13:06 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.2
[2011.07.25 17:12:54 | 000,000,000 | ---D | C] -- C:\Python32
[2011.07.24 23:47:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.07.24 23:46:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2011.07.24 23:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2011.07.24 23:46:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.5
[2011.07.24 21:51:38 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Roaming\Winamp
[2011.07.24 21:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011.07.24 21:42:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\piPOol
[2010.12.25 22:23:41 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2010.12.25 22:23:41 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.07.28 12:08:30 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.28 12:08:30 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.28 12:00:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.28 12:00:39 | 3167,346,688 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.28 11:58:23 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.07.28 11:48:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2775828964-2842721151-1777855503-1000UA.job
[2011.07.27 13:48:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2775828964-2842721151-1777855503-1000Core.job
[2011.07.27 12:29:37 | 000,002,094 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011.07.26 21:27:43 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.07.26 21:27:43 | 000,631,054 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.07.26 21:27:43 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.07.26 21:27:43 | 000,121,708 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.07.26 21:27:43 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.07.28 11:58:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011.07.26 11:38:52 | 000,002,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011.06.22 18:25:02 | 000,000,058 | ---- | C] () -- C:\Windows\nfsc_patch.ini
[2011.06.18 10:38:09 | 000,001,088 | ---- | C] () -- C:\Users\Tomáš\AppData\Local\SRDownloader(1).nast
[2011.06.18 10:37:34 | 000,000,856 | ---- | C] () -- C:\Users\Tomáš\AppData\Local\SRDownloader.nast
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.02.26 21:27:52 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2011.01.04 17:10:58 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.01.04 17:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.01.04 17:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.01.04 17:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.01.04 17:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.01.04 14:22:45 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.01.01 12:27:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.12.29 17:56:46 | 000,003,118 | ---- | C] () -- C:\Windows\SysWow64\AudioDrv.ini
[2010.12.29 17:55:12 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\OemSpiE.dll
[2010.12.29 17:55:12 | 000,001,669 | ---- | C] () -- C:\Windows\P17EP.ini
[2010.12.29 17:55:02 | 000,003,348 | R--- | C] () -- C:\Windows\SysWow64\ludap17.ini
[2010.12.25 22:34:17 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.12.25 22:34:17 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.12.25 22:23:42 | 000,386,852 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2010.12.25 22:23:42 | 000,313,207 | ---- | C] () -- C:\Windows\SysWow64\ctstatic.dat
[2010.12.25 22:23:42 | 000,053,932 | ---- | C] () -- C:\Windows\SysWow64\ctdaught.dat
[2010.12.25 22:23:42 | 000,051,787 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2010.12.25 22:23:42 | 000,037,888 | ---- | C] () -- C:\Windows\SysWow64\psconv.exe
[2010.12.25 22:23:42 | 000,023,183 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2010.12.25 22:23:42 | 000,000,307 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2010.12.25 22:23:42 | 000,000,078 | R--- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2010.12.25 22:23:41 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2010.12.25 10:40:50 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.12.25 10:18:41 | 000,030,756 | ---- | C] () -- C:\Windows\SysWow64\e10kxwdm.ini
[2010.12.24 22:13:18 | 000,003,284 | ---- | C] () -- C:\Users\Tomáš\AppData\Roaming\ANIWZCS{26954021-317F-42C9-BAF2-A62B5B7D6C1B}
[2010.12.24 22:08:55 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\ANIWConnService.exe
[2010.12.24 22:08:44 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\wlanapp.dll
[2010.12.24 22:08:44 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\aIPH.dll
[2010.12.24 22:08:44 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\AQCKGen.dll
[2010.12.24 22:08:44 | 000,045,115 | ---- | C] () -- C:\Windows\SysWow64\ANICtl.dll
[2010.12.24 22:08:07 | 000,733,184 | ---- | C] () -- C:\Windows\SysWow64\ANIOWPS.dll
[2010.12.24 22:08:07 | 000,302,080 | ---- | C] () -- C:\Windows\lwd.exe
[2010.12.24 22:08:07 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\ANIWPS.exe
[2010.12.24 22:07:11 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\rt73.bin
[2010.12.24 21:32:25 | 000,315,392 | ---- | C] () -- C:\Windows\SysWow64\ANIOApi.dll
[2010.12.24 21:32:25 | 000,048,640 | ---- | C] () -- C:\Windows\SysWow64\ANIO64.sys
[2010.12.24 21:32:25 | 000,029,411 | ---- | C] () -- C:\Windows\SysWow64\ANIO.sys
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.03.04 09:28:09 | 000,000,000 | ---D | M] -- C:\Users\Beruška\AppData\Roaming\ESET
[2011.01.23 13:51:01 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Activision
[2011.01.01 18:05:43 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Ashampoo
[2011.07.17 15:58:15 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\BitComet
[2011.02.17 21:37:57 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\DAEMON Tools Lite
[2011.06.22 20:50:43 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Day 1 Studios
[2010.12.24 22:36:56 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ESET
[2011.07.25 17:24:14 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ICQ
[2011.03.31 09:39:53 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2011.06.19 14:05:44 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Need for Speed World
[2011.06.19 17:07:46 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Opera
[2011.06.19 18:20:46 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ProtectDISC
[2011.01.08 14:30:59 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Samsung
[2011.07.24 13:46:52 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SetDefaultMIDI" = MIDIDef.exe
"DevconDefaultDB" = C:\Windows\system32\READREG /SILENT /FAIL=1 -- [2010.03.18 20:17:56 | 000,038,400 | ---- | M] (Creative Technology Limited)
"Google Update" = "C:\Users\Tomáš\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.02.03 20:55:16 | 000,136,176 | ---- | M] (Google Inc.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"ICQ" = "C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4 -- [2011.07.24 23:46:26 | 000,124,216 | ---- | M] (ICQ, LLC.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.01.23 13:51:01 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Activision
[2010.12.31 23:44:18 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Adobe
[2011.06.19 17:21:14 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Apple Computer
[2011.01.01 18:05:43 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Ashampoo
[2011.07.17 15:58:15 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\BitComet
[2010.12.29 18:01:39 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Creative
[2011.04.25 10:57:03 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\CyberLink
[2011.02.17 21:37:57 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\DAEMON Tools Lite
[2011.06.22 20:50:43 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Day 1 Studios
[2010.12.24 22:36:56 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ESET
[2011.02.27 00:12:49 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Hamachi
[2011.07.25 17:24:14 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ICQ
[2010.12.24 21:09:45 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Identities
[2010.12.24 22:07:05 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\InstallShield
[2010.12.25 10:54:46 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Macromedia
[2009.07.14 17:36:58 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Media Center Programs
[2011.07.25 17:13:06 | 000,000,000 | --SD | M] -- C:\Users\Tomáš\AppData\Roaming\Microsoft
[2010.12.24 22:17:27 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Mozilla
[2011.03.31 09:39:53 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2011.06.19 14:05:44 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Need for Speed World
[2010.12.25 00:50:04 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Nero
[2010.12.27 16:48:52 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\NVIDIA
[2011.06.19 17:07:46 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Opera
[2011.06.19 18:20:46 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ProtectDISC
[2011.01.08 14:30:59 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Samsung
[2011.07.24 16:27:17 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Skype
[2011.07.24 16:02:57 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\skypePM
[2011.07.24 21:53:10 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Winamp
[2010.12.25 00:21:08 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2011.07.25 17:13:06 | 000,098,304 | R--- | M] () -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{34B2530C-6349-4292-9DC3-60BDA4AED93D}\python_icon.exe
[2011.06.08 00:11:36 | 000,052,616 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome\content\issigned.exe
[2011.06.08 00:35:11 | 000,345,992 | ---- | M] (Ask.com) -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome\content\NeroApplicationManager.exe
[2011.06.09 19:16:39 | 003,486,088 | ---- | M] (Ask) -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
[2011.03.28 20:05:50 | 000,013,824 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Tomáš\Documents\win xp pro\I386\sp2.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.07.25 11:44:20 | 023,890,583 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp3.cab:AGP440.sys
[2010.07.25 11:44:20 | 023,890,583 | ---- | M] () .cab file -- C:\Windows.old\Windows\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Windows.old\Windows\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Windows.old\Windows\system32\drivers\agp440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Tomáš\Documents\win xp pro\I386\sp2.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp2.cab:atapi.sys
[2010.07.25 11:44:20 | 023,890,583 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp3.cab:atapi.sys
[2010.07.25 11:44:20 | 023,890,583 | ---- | M] () .cab file -- C:\Windows.old\Windows\ServicePackFiles\i386\sp3.cab:atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Windows.old\Windows\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Windows.old\Windows\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\Windows.old\Windows\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\Windows.old\Windows\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\Windows.old\Windows\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\Windows.old\Windows\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\Windows.old\Windows\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\Windows.old\Windows\$NtServicePackUninstall$\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Tomáš\Documents\win xp pro\I386\sp2.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp2.cab:cdrom.sys
[2010.07.25 11:44:20 | 023,890,583 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp3.cab:cdrom.sys
[2010.07.25 11:44:20 | 023,890,583 | ---- | M] () .cab file -- C:\Windows.old\Windows\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Windows.old\Windows\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Windows.old\Windows\system32\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\Windows.old\Windows\$NtServicePackUninstall$\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\Windows.old\Windows\$NtServicePackUninstall$\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\Windows.old\Windows\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\Windows.old\Windows\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\Windows.old\Windows\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\Windows.old\Windows\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\Windows.old\Windows\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\Windows.old\Windows\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\Windows.old\Windows\ServicePackFiles\i386\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\Windows.old\Windows\$NtServicePackUninstall$\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
Naposledy upravil(a) t0m4sb3r4n218 dne 28 črc 2011 12:46, celkem upraveno 1 x.
Nahoru
t0m4sb3r4n218
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 28 črc 2011 09:45

Re: zřejmě FB vir

#10 Příspěvek od t0m4sb3r4n218 »

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Tomáš\Documents\win xp pro\I386\sp2.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp2.cab:hal.dll
[2010.07.25 11:44:20 | 023,890,583 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp3.cab:hal.dll
[2010.07.25 11:44:20 | 023,890,583 | ---- | M] () .cab file -- C:\Windows.old\Windows\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\Windows.old\Windows\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\Windows.old\Windows\ServicePackFiles\i386\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\Windows.old\Windows\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\Tomáš\Documents\win xp pro\I386\sp2.cab:Changer.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp2.cab:Changer.sys
[2010.07.25 11:44:20 | 023,890,583 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp3.cab:Changer.sys
[2010.07.25 11:44:20 | 023,890,583 | ---- | M] () .cab file -- C:\Windows.old\Windows\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\Windows.old\Windows\ServicePackFiles\i386\changer.sys

< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2010.07.25 11:44:20 | 023,890,583 | ---- | M] () .cab file -- C:\Windows.old\Windows\Driver Cache\i386\sp3.cab:isapnp.sys
[2010.07.25 11:44:20 | 023,890,583 | ---- | M] () .cab file -- C:\Windows.old\Windows\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\Windows.old\Windows\$NtServicePackUninstall$\isapnp.sys
[2001.10.25 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\Windows.old\Windows\system32\ReinstallBackups\0005\DriverFiles\i386\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\Windows.old\Windows\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\Windows.old\Windows\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\Windows.old\Windows\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\Windows.old\Windows\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\Windows.old\Windows\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\Windows.old\Windows\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\Windows.old\Windows\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\Windows.old\Windows\$NtServicePackUninstall$\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\Windows.old\Windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\Windows.old\Windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\Windows.old\Windows\$NtServicePackUninstall$\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\Windows.old\Windows\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\Windows.old\Windows\system32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\Windows.old\Windows\$NtServicePackUninstall$\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\Windows.old\Windows\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\Windows.old\Windows\system32\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\Windows.old\Windows\$NtServicePackUninstall$\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\Windows.old\Windows\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\Windows.old\Windows\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\Windows.old\Windows\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\Windows.old\Windows\system32\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\Windows.old\Windows\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\Windows.old\Windows\$NtServicePackUninstall$\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\Windows.old\Windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\Windows.old\Windows\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\Windows.old\Windows\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\Windows.old\Windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\Windows.old\Windows\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\Windows.old\Windows\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\Windows.old\Windows\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\Windows.old\Windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\Windows.old\Windows\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\Windows.old\Windows\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\Windows.old\Windows\$NtServicePackUninstall$\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\Windows.old\Windows\$NtServicePackUninstall$\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\Windows.old\Windows\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\Windows.old\Windows\system32\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\Windows.old\Windows\$NtServicePackUninstall$\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\Windows.old\Windows\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\Windows.old\Windows\system32\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.07.28 11:58:23 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< End of report >
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: zřejmě FB vir

#11 Příspěvek od vyosek »

:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
IE - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=centrum
IE - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.6&q="
[2011.07.25 14:50:08 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.06.09 20:13:43 | 000,000,000 | ---D | M] ("Nero Toolbar") -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\searchplugins\icqplugin.xml
File not found (No name found) --
[2011.07.28 11:58:14 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
File not found (No name found) -- C:\USERS\TOMáš\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHHXV7P0.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\USERS\TOMáš\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHHXV7P0.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O3 - HKU\S-1-5-21-2775828964-2842721151-1777855503-1000\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-2775828964-2842721151-1777855503-1001..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{f6327281-3aba-11e0-8ffd-6cf049771d0b}\Shell - "" = AutoRun
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"=-
"AsioThk32Reg"=-
"DevconDefaultDB"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DevconDefaultDB"=-
"Google Update"=-
"DAEMON Tools Lite"=-
"ICQ"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"RemoteControl10"=-
"BDRegion"=-
"QuickTime Task"=-
"iTunesHelper"=-
""=-
"ApnUpdater"=-

:files
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\ICQ6Toolbar
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
t0m4sb3r4n218
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 28 črc 2011 09:45

Re: zřejmě FB vir

#12 Příspěvek od t0m4sb3r4n218 »

All processes killed
========== OTL ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe moved successfully.
HKU\S-1-5-21-2775828964-2842721151-1777855503-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2775828964-2842721151-1777855503-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2775828964-2842721151-1777855503-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: toolbar@ask.com:3.11.3.15590 removed from extensions.enabledItems
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.2.6&q=" removed from keyword.URL
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\datastore folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-31-May-2011-11-45-02-GMT folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-28-Dec-2010-13-07-01-GMT folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-09-Jun-2011-18-13-41-GMT folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-27-Dec-2010-09-11-31-GMT folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-21-Mar-2011-19-07-14-GMT folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-24-Dec-2010-22-35-12-GMT folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\extensions\toolbar@ask.com folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\phhxv7p0.default\searchplugins\icqplugin.xml moved successfully.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\png scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\icons scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\ico 24x24px scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\ico 16x16px scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\zh-TW scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\zh-CN scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\vi-VN scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ur-PK scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\uk-UA scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\tr-TR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\th-TH scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\sv-SE scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\sl-SI scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\sk-SK scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ru-RU scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ro-RO scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\pt-PT scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\pt-BR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\pl-PL scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\nl-NL scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\nb-NO scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ko-KR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ja-JP scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\it-IT scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\id-ID scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\hu-HU scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\hr-HR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\he-IL scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\fr-FR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\fi-FI scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\et-EE scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\es-ES scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\en-US scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\en-GB scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\el-GR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\de-DE scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\da-DK scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\cs-CZ scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ca-ES scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\bg-BG scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\be-BY scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ar-SA scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\defaults scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\content scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2775828964-2842721151-1777855503-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2775828964-2842721151-1777855503-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}\ not found.
File {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6327281-3aba-11e0-8ffd-6cf049771d0b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f6327281-3aba-11e0-8ffd-6cf049771d0b}\ not found.
C:\Windows\SysWow64\tmpC0EE.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AsioReg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AsioThk32Reg not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DevconDefaultDB not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DevconDefaultDB deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AsioReg not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\BDRegion deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
========== FILES ==========
C:\Program Files (x86)\Ask.com\Updater folder moved successfully.
C:\Program Files (x86)\Ask.com\assets\oobe folder moved successfully.
C:\Program Files (x86)\Ask.com\assets folder moved successfully.
C:\Program Files (x86)\Ask.com folder moved successfully.
C:\Program Files (x86)\ICQ6Toolbar folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Beruška
->Temp folder emptied: 230252 bytes
->Temporary Internet Files folder emptied: 32768 bytes
->FireFox cache emptied: 53524 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Tomáš
->Temp folder emptied: 260058216 bytes
->Temporary Internet Files folder emptied: 91495455 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 304114312 bytes
->Google Chrome cache emptied: 219370297 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 27675381 bytes
->Flash cache emptied: 15001 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1794948439 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67911 bytes
RecycleBin emptied: 8626392692 bytes

Total Files Cleaned = 10 800,00 mb


[EMPTYFLASH]

User: All Users

User: Beruška

User: Default

User: Default User

User: Public

User: Tomáš
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.26.1 log created on 07282011_170601

Files\Folders moved on Reboot...
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\png scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\icons scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\ico 24x24px scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\ico 16x16px scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\png scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\icons scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\ico 24x24px scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\ico 16x16px scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\zh-TW scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\zh-CN scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\vi-VN scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ur-PK scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\uk-UA scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\tr-TR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\th-TH scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\sv-SE scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\sl-SI scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\sk-SK scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ru-RU scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ro-RO scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\pt-PT scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\pt-BR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\pl-PL scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\nl-NL scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\nb-NO scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ko-KR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ja-JP scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\it-IT scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\id-ID scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\hu-HU scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\hr-HR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\he-IL scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\fr-FR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\fi-FI scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\et-EE scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\es-ES scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\en-US scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\en-GB scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\el-GR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\de-DE scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\da-DK scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\cs-CZ scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ca-ES scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\bg-BG scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\be-BY scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ar-SA scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\zh-TW scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\zh-CN scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\vi-VN scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ur-PK scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\uk-UA scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\tr-TR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\th-TH scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\sv-SE scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\sl-SI scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\sk-SK scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ru-RU scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ro-RO scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\pt-PT scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\pt-BR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\pl-PL scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\nl-NL scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\nb-NO scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ko-KR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ja-JP scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\it-IT scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\id-ID scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\hu-HU scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\hr-HR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\he-IL scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\fr-FR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\fi-FI scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\et-EE scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\es-ES scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\en-US scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\en-GB scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\el-GR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\de-DE scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\da-DK scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\cs-CZ scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ca-ES scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\bg-BG scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\be-BY scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ar-SA scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\defaults scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\content scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\png scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\icons scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\ico 24x24px scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin\ico 16x16px scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\skin scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\zh-TW scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\zh-CN scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\vi-VN scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ur-PK scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\uk-UA scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\tr-TR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\th-TH scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\sv-SE scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\sl-SI scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\sk-SK scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ru-RU scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ro-RO scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\pt-PT scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\pt-BR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\pl-PL scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\nl-NL scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\nb-NO scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ko-KR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ja-JP scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\it-IT scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\id-ID scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\hu-HU scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\hr-HR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\he-IL scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\fr-FR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\fi-FI scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\et-EE scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\es-ES scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\en-US scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\en-GB scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\el-GR scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\de-DE scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\da-DK scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\cs-CZ scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ca-ES scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\bg-BG scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\be-BY scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale\ar-SA scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\locale scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\defaults scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF\content scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF scheduled to be moved on reboot.
C:\Users\Tomáš\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
Nahoru
t0m4sb3r4n218
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 28 črc 2011 09:45

Re: zřejmě FB vir

#13 Příspěvek od t0m4sb3r4n218 »

tento krok mi smazal hodně aplikací...tim chcete říct, že ve všech byly viry?
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: zřejmě FB vir

#14 Příspěvek od vyosek »

jake aplikace mate na mysli :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
t0m4sb3r4n218
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 28 črc 2011 09:45

Re: zřejmě FB vir

#15 Příspěvek od t0m4sb3r4n218 »

ty co jsou v poslednim logu pod nadpisem REGISTRY, taky mi to nějak pozměnilo vzhled firefoxu...dobře, zas tolik jich nebylo, ale dřív jsem měl po kliknutí na šipku v pravém dolním rohu na liště asi 4 řady aplikací, teď tam jsou jen 2 aplikace

a odinstalovalo mi to i avast :!: :!:
Naposledy upravil(a) t0m4sb3r4n218 dne 28 črc 2011 16:45, celkem upraveno 1 x.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“