Trojský kůň (Graftor.910514) Prosím o pomoc
Napsal: 29 čer 2012 10:33
Ahoj, jak již z názvů vyplívá, mám problém s tímto určitým virem. Mám pocit, že mi způsobuje zamrzávání pc ale nejsem si úplně jistý. Každopádně Vám řeknu přihodu, která se mi teď stala... Brouzdal jsem na netu a najednou mi Firefox přestal odpovídat, tak jsem ho chtěl ukončit ale v té samé chvíli zamrzl také celý pc. Nešlo nic udělat, tak jsem ho vypnul na tvrdo a zase zapl. Po prvním zapnutí, se mi pc v půlce zapínání seknul a nic nedělal, tak jsme ho opět vypnul a zapl na tvrdo. Teď se již zapl a naskočila mi tabulka od Avira že našel virus TR/Graftor.910514 konkrétně ve složce D:\Windows\system32\msipfh32.dll nechci jej odstraňovat, neboť je to ve složce windowsu, mám strach že bych něco pokazil. Proto Vás prosím o pomoc. Děkuji
RSIT: 1/2
Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2012-06-29 14:01:49
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 59 GB (24%) free of 243 GB
Total RAM: 2815 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:02:05, on 29.6.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\WINDOWS\arservice.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\Program Files\FileZilla Server\FileZilla Server.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\CyberLink\Shared files\RichVideo.exe
D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\ARPWRMSG.EXE
D:\WINDOWS\ehome\ehtray.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
D:\Program Files\AVG Secure Search\vprot.exe
D:\WINDOWS\eHome\ehmsas.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\BitTorrent\BitTorrent.exe
D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\WINDOWS\system32\mspaint.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Documents and Settings\Admin\Dokumenty\Downloads\RSIT.exe
D:\Program Files\trend micro\Admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={29B71858-D ... 2012-06-27 09:28:35&v=11.1.0.12&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - D:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - D:\Documents and Settings\Admin\Data aplikací\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [ehTray] D:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [vProt] "D:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [MSIDLL] rundll32.exe msipfh32.dll,aaIoezw
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
O8 - Extra context menu item: Free YouTube to MP3 Converter - D:\Documents and Settings\Admin\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - D:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - D:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMSAccess - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - D:\WINDOWS\system32\sfrem01.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
--
End of file - 9080 bytes
=========Mozilla firefox=========
ProfilePath - D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default
prefs.js - "browser.startup.homepage" - "seznam.cz"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid=%7Bb9 ... &sap=ku&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"avg@toolbar"=D:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\11.1.0.12\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=D:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=D:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
D:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
D:\Program Files\Mozilla Firefox\plugins\
npdnu.dll
npdnu.xpt
npdnupdater2.dll
npdnupdater2.xpt
nppdf32.dll
D:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
avg-secure-search.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml
D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\extensions\
{33e0daa6-3af3-d8b5-6752-10e949c61516}
{8567a644-e36c-470c-86cf-9c5b4f37db81}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\searchplugins\
conduit.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - D:\Documents and Settings\Admin\Data aplikací\Complitly\Complitly.dll [2012-05-21 142040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-06-27 2074208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-06-27 2074208]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=D:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AlwaysReady Power Message APP"=D:\WINDOWS\ARPWRMSG.EXE [2008-12-27 77312]
"ehTray"=D:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"avgnt"=D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-05-09 348624]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2010-01-31 13666920]
"Malwarebytes' Anti-Malware"=D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]
"vProt"=D:\Program Files\AVG Secure Search\vprot.exe [2012-06-27 1107552]
"PWRISOVM.EXE"=D:\Program Files\PowerISO\PWRISOVM.EXE [2012-05-31 336992]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=D:\Program Files\Windows Sidebar\sidebar.exe [2008-04-11 1276416]
"Steam"=D:\Program Files\Steam\steam.exe [2012-05-06 1242448]
"DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]
"BitTorrent"=D:\Program Files\BitTorrent\BitTorrent.exe [2012-05-30 6380400]
"MSIDLL"=msipfh32.dll,aaIoezw []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
D:\Program Files\Clownfish\Clownfish.exe [2012-05-08 1091320]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileZilla Server Interface]
D:\Program Files\FileZilla Server\FileZilla Server Interface.exe [2012-02-26 1044992]
D:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění
GIGABYTE Gamer HUD Lite.lnk - D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-14 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=D:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles
"InstallTheme"=D:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Steam\steamapps\common\world of battles\release\launcher.exe"="D:\Program Files\Steam\steamapps\common\world of battles\release\launcher.exe:*:Enabled:World of Battles"
"D:\Program Files\BitTorrent\BitTorrent.exe"="D:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"D:\Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe"="D:\Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe:*:Enabled:Super Monday Night Combat"
"D:\Program Files\Steam\steamapps\common\arma 2 free\ArmA2Free.exe"="D:\Program Files\Steam\steamapps\common\arma 2 free\ArmA2Free.exe:*:Enabled:ARMA 2: Free"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\Program Files\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe"="D:\Program Files\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe:*:Enabled:EE-AOC"
"D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe"="D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"D:\WINDOWS\system32\dplaysvr.exe"="D:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Program Files\Stronghold Crusader\Stronghold Crusader.exe"="D:\Program Files\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"D:\Program Files\Sierra\Empire Earth\Empire Earth.exe"="D:\Program Files\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe"="D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Enabled:Crysis2"
"D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe"="D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe"="D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe"="D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe"="D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP.exe"="D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game-save.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game-save.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\TmUnitedForever\TmForever.exe"="D:\Program Files\TmUnitedForever\TmForever.exe:*:Enabled:TmForever"
"D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX00.156\TrackMania_United_keygen_by_DETONATiON.exe"="D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX00.156\TrackMania_United_keygen_by_DETONATiON.exe:*:Enabled:TrackMania_United_keygen_by_DETONATiON"
"D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX02.531\TrackMania_United_keygen_by_DETONATiON.exe"="D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX02.531\TrackMania_United_keygen_by_DETONATiON.exe:*:Enabled:TrackMania_United_keygen_by_DETONATiON"
"D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX04.094\TrackMania_United_keygen_by_DETONATiON.exe"="D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX04.094\TrackMania_United_keygen_by_DETONATiON.exe:*:Enabled:TrackMania_United_keygen_by_DETONATiON"
"D:\Documents and Settings\Admin\Plocha\TrackMania_United_keygen_by_DETONATiON.exe"="D:\Documents and Settings\Admin\Plocha\TrackMania_United_keygen_by_DETONATiON.exe:*:Enabled:TrackMania_United_keygen_by_DETONATiON"
"D:\Program Files\VideoLAN\VLC\vlc.exe"="D:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.0.1"
"D:\Program Files\ArmA 2\arma2OA.exe"="D:\Program Files\ArmA 2\arma2OA.exe:*:Enabled:ArmA 2 Operation Arrowhead"
"D:\Program Files\ArmA 2\Expansion\beta\arma2oa.exe"="D:\Program Files\ArmA 2\Expansion\beta\arma2oa.exe:*:Enabled:ArmA 2 OA"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=D:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.HFYU"=huffyuv.dll
"VIDC.FPS1"=frapsvid.dll
RSIT: 1/2
Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2012-06-29 14:01:49
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 59 GB (24%) free of 243 GB
Total RAM: 2815 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:02:05, on 29.6.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\WINDOWS\arservice.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\Program Files\FileZilla Server\FileZilla Server.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\CyberLink\Shared files\RichVideo.exe
D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\ARPWRMSG.EXE
D:\WINDOWS\ehome\ehtray.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
D:\Program Files\AVG Secure Search\vprot.exe
D:\WINDOWS\eHome\ehmsas.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\BitTorrent\BitTorrent.exe
D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\WINDOWS\system32\mspaint.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Documents and Settings\Admin\Dokumenty\Downloads\RSIT.exe
D:\Program Files\trend micro\Admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={29B71858-D ... 2012-06-27 09:28:35&v=11.1.0.12&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - D:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - D:\Documents and Settings\Admin\Data aplikací\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [ehTray] D:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [vProt] "D:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [MSIDLL] rundll32.exe msipfh32.dll,aaIoezw
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
O8 - Extra context menu item: Free YouTube to MP3 Converter - D:\Documents and Settings\Admin\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - D:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - D:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMSAccess - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - D:\WINDOWS\system32\sfrem01.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
--
End of file - 9080 bytes
=========Mozilla firefox=========
ProfilePath - D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default
prefs.js - "browser.startup.homepage" - "seznam.cz"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid=%7Bb9 ... &sap=ku&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"avg@toolbar"=D:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\11.1.0.12\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=D:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=D:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
D:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
D:\Program Files\Mozilla Firefox\plugins\
npdnu.dll
npdnu.xpt
npdnupdater2.dll
npdnupdater2.xpt
nppdf32.dll
D:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
avg-secure-search.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml
D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\extensions\
{33e0daa6-3af3-d8b5-6752-10e949c61516}
{8567a644-e36c-470c-86cf-9c5b4f37db81}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\searchplugins\
conduit.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - D:\Documents and Settings\Admin\Data aplikací\Complitly\Complitly.dll [2012-05-21 142040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-06-27 2074208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-06-27 2074208]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=D:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AlwaysReady Power Message APP"=D:\WINDOWS\ARPWRMSG.EXE [2008-12-27 77312]
"ehTray"=D:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"avgnt"=D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-05-09 348624]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2010-01-31 13666920]
"Malwarebytes' Anti-Malware"=D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]
"vProt"=D:\Program Files\AVG Secure Search\vprot.exe [2012-06-27 1107552]
"PWRISOVM.EXE"=D:\Program Files\PowerISO\PWRISOVM.EXE [2012-05-31 336992]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=D:\Program Files\Windows Sidebar\sidebar.exe [2008-04-11 1276416]
"Steam"=D:\Program Files\Steam\steam.exe [2012-05-06 1242448]
"DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]
"BitTorrent"=D:\Program Files\BitTorrent\BitTorrent.exe [2012-05-30 6380400]
"MSIDLL"=msipfh32.dll,aaIoezw []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
D:\Program Files\Clownfish\Clownfish.exe [2012-05-08 1091320]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileZilla Server Interface]
D:\Program Files\FileZilla Server\FileZilla Server Interface.exe [2012-02-26 1044992]
D:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění
GIGABYTE Gamer HUD Lite.lnk - D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-14 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=D:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles
"InstallTheme"=D:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Steam\steamapps\common\world of battles\release\launcher.exe"="D:\Program Files\Steam\steamapps\common\world of battles\release\launcher.exe:*:Enabled:World of Battles"
"D:\Program Files\BitTorrent\BitTorrent.exe"="D:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"D:\Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe"="D:\Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe:*:Enabled:Super Monday Night Combat"
"D:\Program Files\Steam\steamapps\common\arma 2 free\ArmA2Free.exe"="D:\Program Files\Steam\steamapps\common\arma 2 free\ArmA2Free.exe:*:Enabled:ARMA 2: Free"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\Program Files\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe"="D:\Program Files\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe:*:Enabled:EE-AOC"
"D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe"="D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"D:\WINDOWS\system32\dplaysvr.exe"="D:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Program Files\Stronghold Crusader\Stronghold Crusader.exe"="D:\Program Files\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"D:\Program Files\Sierra\Empire Earth\Empire Earth.exe"="D:\Program Files\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe"="D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Enabled:Crysis2"
"D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe"="D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe"="D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe"="D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe"="D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP.exe"="D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game-save.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game-save.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\TmUnitedForever\TmForever.exe"="D:\Program Files\TmUnitedForever\TmForever.exe:*:Enabled:TmForever"
"D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX00.156\TrackMania_United_keygen_by_DETONATiON.exe"="D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX00.156\TrackMania_United_keygen_by_DETONATiON.exe:*:Enabled:TrackMania_United_keygen_by_DETONATiON"
"D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX02.531\TrackMania_United_keygen_by_DETONATiON.exe"="D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX02.531\TrackMania_United_keygen_by_DETONATiON.exe:*:Enabled:TrackMania_United_keygen_by_DETONATiON"
"D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX04.094\TrackMania_United_keygen_by_DETONATiON.exe"="D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX04.094\TrackMania_United_keygen_by_DETONATiON.exe:*:Enabled:TrackMania_United_keygen_by_DETONATiON"
"D:\Documents and Settings\Admin\Plocha\TrackMania_United_keygen_by_DETONATiON.exe"="D:\Documents and Settings\Admin\Plocha\TrackMania_United_keygen_by_DETONATiON.exe:*:Enabled:TrackMania_United_keygen_by_DETONATiON"
"D:\Program Files\VideoLAN\VLC\vlc.exe"="D:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.0.1"
"D:\Program Files\ArmA 2\arma2OA.exe"="D:\Program Files\ArmA 2\arma2OA.exe:*:Enabled:ArmA 2 Operation Arrowhead"
"D:\Program Files\ArmA 2\Expansion\beta\arma2oa.exe"="D:\Program Files\ArmA 2\Expansion\beta\arma2oa.exe:*:Enabled:ArmA 2 OA"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=D:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.HFYU"=huffyuv.dll
"VIDC.FPS1"=frapsvid.dll
Stahnete RogueKiller 