Virus from FB, notebook :)) Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


Post by autoprd » 23 Jul 2011 13:35

Hi, please help: my sister clicked on that damn link people send around on Facebook that leads to viruses, and so folders update 1,0 2,0 5,0 were created in her Windows directory, each with an svchost in it. So I cleaned things up a bit with HJT and deleted those svchosts with Malwarebytes, but FB still doesn't work, so please advise :) Thanks

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:33:28, on 23.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Vista Components\Vista Drive Icon\DrvIcon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\PLFSetI.exe
C:\WINDOWS\RTHDCPL.EXE
D:\Program Files\SweetIM\Messenger\SweetIM.exe
D:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\arservice.exe
D:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Option\Acer 3G Connection Manager\GtDetectSc.exe
D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
D:\program files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
D:\Hry\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
C:\QUALCOMM\QDLService\QDLService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msdtc.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\program files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: GdfrDUEn Class - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - D:\Program Files\Get Styles\enlbrdr.dll
O2 - BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Components\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SweetIM] D:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast] "D:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AutoStartNPSAgent] D:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - D:\Program Files\Get Styles\ct.htm
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - D:\Program Files\Get Styles\ct.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: GeniusMouseService - Unknown owner - D:\Genius\ioCentre\GMouseService.exe (file missing)
O23 - Service: GtDetectSc - OptionNV - C:\Program Files\Option\Acer 3G Connection Manager\GtDetectSc.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - D:\program files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - D:\Hry\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
O23 - Service: Qualcomm Gobi Download Service (QDLService) - QUALCOMM, Inc. - C:\QUALCOMM\QDLService\QDLService.exe
O23 - Service: ServiceLayer - Nokia - D:\program files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 11549 bytes


Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

23.7.2011 12:45:37
mbam-log-2011-07-23 (12-45-37).txt

Typ: Rychlá kontrola
Kontrolované objekty: 151283
Uplynulý čas: 2 minut, 28 sekund

Infikované procesy v paměti: 6
Infikované moduly v paměti: 0
Infikované klíče v registru: 7
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 4
Infikované složky: 0
Infikované soubory: 12

Infikované procesy v paměti:
c:\WINDOWS\update.1\svchost.exe (Trojan.Dropper) -> 3088 -> Unloaded process successfully.
c:\WINDOWS\sysdriver32.exe (Trojan.Delf) -> 2888 -> Unloaded process successfully.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> 2708 -> Unloaded process successfully.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> 3556 -> Unloaded process successfully.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> 2636 -> Unloaded process successfully.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> 2728 -> Unloaded process successfully.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvsysdriver32 (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srviecheck (Backdoor.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SRVSYSDRIVER32 (Trojan.Agent) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> Quarantined and deleted successfully.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\WINDOWS\update.1\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\2208821.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\4073815.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\6194946.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\8737156.exe (Backdoor.Delf) -> Quarantined and deleted successfully.
c:\WINDOWS\l1rezerv.exe (Backdoor.Delf) -> Quarantined and deleted successfully.
c:\WINDOWS\systemup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\329202723.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
c:\WINDOWS\sysdriver32.exe (Trojan.Delf) -> Quarantined and deleted successfully.
c:\WINDOWS\sysdriver32_.exe (Trojan.Delf) -> Quarantined and deleted successfully.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> Quarantined and deleted successfully.


Post by bledulka » 23 Jul 2011 22:15

Hi,

Download ComboFix to your desktop - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Before using it, turn off all resident security programs: antivirus, firewalls, antispyware
- Rename it to pitomec.com
- Close all active windows and run it under an account with administrator rights
- After launch, the terms of use are displayed; confirm them by pressing the Yes button

- Then follow the instructions; while ComboFix is running, do not click in the window that appears

- When the scan finishes, the log C:\ComboFix.txt is created; copy its entire content here.


Post by autoprd » 25 Jul 2011 15:43

The whole scan runs up to stage 50, then it prints "Mažu soubory:" (Deleting files:) and the notebook restarts


Post by tux » 25 Jul 2011 15:51

And does the log get created? C:\ComboFix.txt
Just Fucking Google It!


Post by autoprd » 25 Jul 2011 15:56

No, it doesn't, which is logical; the log is only made at the very end :)


Post by Žbeky » 25 Jul 2011 23:03

Try doing it in safe mode
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.


Post by autoprd » 06 Aug 2011 23:15

So Facebook is working for her now :)
Sorry, I was away for 14 days :)) So, in safe mode:

ComboFix 11-08-06.02 - asdfg 06.08.2011 22:59:11.7.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2043.1622 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\asdfg\Plocha\pitomec.com
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\btc_client_iplist.txt
C:\WINDOWS\ddh_iplist.txt
C:\WINDOWS\front_ip_list.txt
C:\WINDOWS\geoiplist
C:\WINDOWS\geoiplist.rar
C:\WINDOWS\iecheck_iplist.txt
C:\WINDOWS\info1
C:\WINDOWS\iplist.txt
C:\WINDOWS\iun6002.exe
C:\WINDOWS\loader2.exe_ok
C:\WINDOWS\phoenix
C:\WINDOWS\phoenix.rar
C:\WINDOWS\phoenix\kernels\phatk\__init__.py
C:\WINDOWS\phoenix\kernels\phatk\__init__.pyc
C:\WINDOWS\phoenix\kernels\phatk\BFIPatcher.py
C:\WINDOWS\phoenix\kernels\phatk\kernel.cl
C:\WINDOWS\phoenix\kernels\poclbm\__init__.py
C:\WINDOWS\phoenix\kernels\poclbm\__init__.pyc
C:\WINDOWS\phoenix\kernels\poclbm\BFIPatcher.py
C:\WINDOWS\phoenix\kernels\poclbm\kernel.cl
C:\WINDOWS\phoenix\phoenix.exe
C:\WINDOWS\rpcminer
C:\WINDOWS\rpcminer.rar
C:\WINDOWS\rpcminer\bitcoinminercuda_10.cubin
C:\WINDOWS\rpcminer\bitcoinminercuda_11.cubin
C:\WINDOWS\rpcminer\bitcoinminercuda_20.cubin
C:\WINDOWS\rpcminer\bitcoinmineropencl.cl
C:\WINDOWS\rpcminer\cudart32_32_16.dll
C:\WINDOWS\rpcminer\curllib.dll
C:\WINDOWS\rpcminer\libeay32.dll
C:\WINDOWS\rpcminer\libsasl.dll
C:\WINDOWS\rpcminer\openldap.dll
C:\WINDOWS\rpcminer\rpcminer-4way.exe
C:\WINDOWS\rpcminer\rpcminer-cpu.exe
C:\WINDOWS\rpcminer\rpcminer-cuda.exe
C:\WINDOWS\rpcminer\rpcminer-opencl.exe
C:\WINDOWS\rpcminer\ssleay32.dll
C:\WINDOWS\system32\drivers\etc\HSTS~1
C:\WINDOWS\ufa.rar
C:\WINDOWS\winlog-dirs.txt
C:\WINDOWS\winlog-ids.txt


((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SRVBTCCLIENT
-------\Legacy_SRVIECHECK
-------\Legacy_WXPDRIVERS


((((((((((((((((((((((((( Soubory vytvořené od 2011-07-06 do 2011-08-06 )))))))))))))))))))))))))))))))


2011-07-25 13:27:19 . 2011-07-25 13:34:03 -------- d-----w- C:\pitomec
2011-07-23 10:58:14 . 2011-07-04 11:36:43 441176 ----a-w- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-07-23 10:57:45 . 2011-07-23 10:57:45 -------- dc----w- D:\Program Files\AVAST Software
2011-07-23 10:57:45 . 2011-07-23 10:57:45 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-07-23 10:42:42 . 2011-07-23 10:42:42 -------- d-----w- C:\Documents and Settings\asdfg\Data aplikací\Malwarebytes
2011-07-23 10:42:37 . 2011-07-06 17:52:42 41272 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-07-23 10:42:36 . 2011-07-23 10:42:36 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-07-23 10:42:33 . 2011-07-23 10:42:38 -------- dc----w- D:\Program Files\Malwarebytes' Anti-Malware
2011-07-23 10:42:33 . 2011-07-06 17:52:42 22712 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2011-07-22 14:38:45 . 2011-07-22 14:38:45 -------- dc----w- D:\Program Files\ATI
2011-07-22 14:38:30 . 2011-07-22 14:38:30 -------- dc----w- D:\Program Files\ATI Technologies
2011-07-22 13:53:35 . 2011-07-22 13:53:36 -------- d-----w- C:\WINDOWS\ufa
2011-07-22 13:52:49 . 2011-07-22 13:53:34 246272 ----a-w- C:\WINDOWS\unrar.exe
2011-07-21 17:31:53 . 2011-07-21 17:31:53 -------- d-----w- C:\WINDOWS\av_ico
2011-07-21 17:20:06 . 2011-07-21 17:20:06 -------- d-----w- C:\Documents and Settings\LocalService\Nabídka Start
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-07-04 11:43:53 . 2010-06-30 16:04:16 40112 ----a-w- C:\WINDOWS\avastSS.scr
2011-07-04 11:43:51 . 2010-04-16 23:31:10 199304 ----a-w- C:\WINDOWS\system32\aswBoot.exe
2011-07-04 11:36:32 . 2010-04-16 23:31:25 309848 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys
2011-07-04 11:35:23 . 2010-04-16 23:31:28 43608 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-07-04 11:35:12 . 2010-04-16 23:31:25 102616 ----a-w- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-07-04 11:35:09 . 2010-04-16 23:31:25 96344 ----a-w- C:\WINDOWS\system32\drivers\aswmon.sys
2011-07-04 11:32:32 . 2010-04-16 23:31:28 25432 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-07-04 11:32:13 . 2010-04-16 23:31:27 30808 ----a-w- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-07-04 11:32:12 . 2010-04-16 23:31:25 19544 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-10-01 07:11:56 . 2011-01-09 09:48:12 462112 ----a-w- C:\Program Files\Common Files\ZugoInstaller.exe
2011-06-16 04:30:16 . 2011-07-06 20:33:51 142296 -c--a-w- D:\Program Files\mozilla firefox\components\browsercomps.dll


------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.


((((((((((((((((((((((((((((( SnapShot@2010-10-16_21.58.22 )))))))))))))))))))))))))))))))))))))))))

+ 2011-01-09 20:59:36 . 2005-12-22 11:24:54 11188 C:\WINDOWS\system32\Samsung_USB_Drivers\3\sscdwhnt.sys
+ 2011-01-09 20:59:36 . 2007-07-03 15:53:24 70824 C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
+ 2011-01-09 20:59:36 . 2005-12-22 11:24:52 10864 C:\WINDOWS\system32\Samsung_USB_Drivers\3\sscdmdfl.sys
+ 2011-01-09 20:59:36 . 2005-12-22 11:24:52 11877 C:\WINDOWS\system32\Samsung_USB_Drivers\3\sscdcmnt.sys
+ 2011-01-09 20:59:36 . 2005-12-22 11:24:50 80272 C:\WINDOWS\system32\Samsung_USB_Drivers\3\sscdbus.sys
+ 2011-02-11 20:37:39 . 2007-07-03 15:59:10 86824 C:\WINDOWS\system32\Samsung_USB_Drivers\3\i386\sscdserd.sys
+ 2011-02-11 20:37:39 . 2007-07-03 15:57:24 11944 C:\WINDOWS\system32\Samsung_USB_Drivers\3\i386\sscdmdfl.sys
+ 2011-02-11 20:37:39 . 2007-07-03 15:54:24 80552 C:\WINDOWS\system32\Samsung_USB_Drivers\3\i386\sscdbus.sys
+ 2011-01-09 20:59:34 . 2007-05-02 10:12:28 72968 C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
+ 2011-01-09 20:59:34 . 2005-08-30 00:49:38 94000 C:\WINDOWS\system32\Samsung_USB_Drivers\2\ssm_mdm.sys
+ 2011-01-09 20:59:34 . 2005-08-30 00:47:38 58320 C:\WINDOWS\system32\Samsung_USB_Drivers\2\ssm_bus.sys
+ 2011-02-11 20:37:35 . 2007-05-02 10:12:36 12424 C:\WINDOWS\system32\Samsung_USB_Drivers\2\i386\ssm_whnt.sys
+ 2011-02-11 20:37:36 . 2007-05-02 10:12:36 15112 C:\WINDOWS\system32\Samsung_USB_Drivers\2\i386\ssm_mdfl.sys
+ 2011-02-11 20:37:36 . 2007-05-02 10:12:34 12424 C:\WINDOWS\system32\Samsung_USB_Drivers\2\i386\ssm_cmnt.sys
+ 2011-02-11 20:37:36 . 2007-05-02 10:12:34 83592 C:\WINDOWS\system32\Samsung_USB_Drivers\2\i386\ssm_bus.sys
+ 2011-01-09 20:59:31 . 2007-05-02 10:11:12 72968 C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
+ 2011-01-09 20:59:31 . 2005-08-30 16:59:00 94000 C:\WINDOWS\system32\Samsung_USB_Drivers\1\ss_mdm.sys
+ 2011-01-09 20:59:31 . 2005-08-30 16:57:18 58320 C:\WINDOWS\system32\Samsung_USB_Drivers\1\ss_bus.sys
+ 2011-02-11 20:37:32 . 2007-05-02 10:11:18 12424 C:\WINDOWS\system32\Samsung_USB_Drivers\1\i386\ss_whnt.sys
+ 2011-02-11 20:37:32 . 2007-05-02 10:11:18 15112 C:\WINDOWS\system32\Samsung_USB_Drivers\1\i386\ss_mdfl.sys
+ 2011-02-11 20:37:32 . 2007-05-02 10:11:16 12424 C:\WINDOWS\system32\Samsung_USB_Drivers\1\i386\ss_cmnt.sys
+ 2011-02-11 20:37:32 . 2007-05-02 10:11:16 83592 C:\WINDOWS\system32\Samsung_USB_Drivers\1\i386\ss_bus.sys
+ 2010-12-25 22:16:09 . 2006-07-19 11:27:26 13568 C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\L8042Kbd.sys
+ 2010-12-25 22:16:09 . 2008-04-14 04:59:08 24576 C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\kbdclass.sys
+ 2010-12-25 22:16:09 . 2008-04-14 02:21:16 52096 C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\i8042prt.sys
+ 2001-10-25 15:00:00 . 2011-08-06 20:58:43 71440 C:\WINDOWS\system32\perfc009.dat
+ 2001-10-25 15:00:00 . 2011-08-06 20:58:43 84202 C:\WINDOWS\system32\perfc005.dat
+ 2010-05-30 16:52:10 . 2007-05-02 15:31:52 90624 C:\WINDOWS\system32\nmwcdcls.dll
- 2008-04-14 03:51:44 . 2008-11-30 09:45:45 20992 C:\WINDOWS\system32\hid.dll
+ 2008-04-14 03:51:44 . 2008-04-14 01:51:44 20992 C:\WINDOWS\system32\hid.dll
+ 2010-12-08 19:51:44 . 2009-03-18 15:35:40 26176 C:\WINDOWS\system32\hamachi.sys
+ 2011-02-11 20:37:24 . 2009-03-31 08:39:36 36608 C:\WINDOWS\system32\FsUsbExDisk.Sys
+ 2011-04-04 15:13:46 . 2005-12-05 16:07:30 63696 C:\WINDOWS\system32\dxdllreg.exe
+ 2011-02-11 20:38:09 . 2007-05-02 15:31:54 12288 C:\WINDOWS\system32\DRVSTORE\nmwcdsam2k_880D94EACF26DB5FF04E2A3B3A16959D5F0A0274\nmwcdsacm.sys
+ 2011-02-11 20:38:10 . 2007-05-02 15:31:54 12288 C:\WINDOWS\system32\DRVSTORE\nmwcdsacj_880D94EACF26DB5FF04E2A3B3A16959D5F0A0274\nmwcdsacj.sys
+ 2011-02-11 20:38:08 . 2007-05-02 15:31:52 90624 C:\WINDOWS\system32\DRVSTORE\nmwcdsa_880D94EACF26DB5FF04E2A3B3A16959D5F0A0274\nmwcdcls.dll
+ 2010-10-24 10:56:14 . 2008-04-13 17:15:38 26112 C:\WINDOWS\system32\drivers\usbser.sys
- 2010-05-30 16:56:52 . 2008-04-13 17:15:38 26112 C:\WINDOWS\system32\drivers\usbser.sys
+ 2011-02-11 20:37:46 . 2009-03-20 09:01:26 12160 C:\WINDOWS\system32\drivers\ss_bwhnt.sys
+ 2011-02-11 20:37:46 . 2009-03-20 09:01:26 12160 C:\WINDOWS\system32\drivers\ss_bwh.sys
+ 2011-02-11 20:37:46 . 2009-03-20 09:01:26 14976 C:\WINDOWS\system32\drivers\ss_bmdfl.sys
+ 2011-02-11 20:37:46 . 2009-03-20 09:01:26 12160 C:\WINDOWS\system32\drivers\ss_bcmnt.sys
+ 2011-02-11 20:37:46 . 2009-03-20 09:01:26 12160 C:\WINDOWS\system32\drivers\ss_bcm.sys
+ 2011-02-11 20:37:46 . 2009-03-20 09:01:26 90112 C:\WINDOWS\system32\drivers\ss_bbus.sys
- 2008-10-09 13:42:42 . 2008-10-09 13:42:42 17408 C:\WINDOWS\system32\drivers\KMWDFILTER.sys
+ 2008-10-09 13:42:42 . 2008-10-09 14:42:42 17408 C:\WINDOWS\system32\drivers\KMWDFILTER.sys
+ 2010-12-25 22:15:51 . 2008-11-03 14:03:28 13880 C:\WINDOWS\system32\drivers\kbfiltr.sys
+ 2008-04-14 06:59:08 . 2008-04-14 05:59:08 24576 C:\WINDOWS\system32\drivers\kbdclass.sys
- 2008-04-14 06:59:08 . 2008-04-14 04:59:08 24576 C:\WINDOWS\system32\drivers\kbdclass.sys
+ 2008-04-14 06:51:16 . 2008-04-14 05:51:16 52096 C:\WINDOWS\system32\drivers\i8042prt.sys
- 2008-04-14 06:51:16 . 2008-04-14 02:21:16 52096 C:\WINDOWS\system32\drivers\i8042prt.sys
- 2010-04-16 18:06:54 . 2008-04-13 21:15:28 10368 C:\WINDOWS\system32\drivers\hidusb.sys
+ 2010-12-25 22:21:10 . 2008-04-13 21:15:28 10368 C:\WINDOWS\system32\drivers\hidusb.sys
+ 2010-12-25 22:15:13 . 2009-11-02 16:47:58 11520 C:\WINDOWS\system32\drivers\gMouUsb.sys
+ 2010-12-25 22:15:13 . 2009-11-02 16:43:26 20480 C:\WINDOWS\system32\drivers\gHidPnp.sys
+ 2011-04-04 15:13:44 . 2002-08-29 01:41:00 31744 C:\WINDOWS\system32\dllcache\pid.dll
+ 2011-04-04 15:13:46 . 2002-12-11 22:14:32 80896 C:\WINDOWS\system32\dllcache\dpvsetup.exe
+ 2011-04-04 15:13:44 . 2002-12-11 22:14:32 77824 C:\WINDOWS\system32\dllcache\dpmodemx.dll
+ 2010-04-16 22:58:42 . 2010-10-04 21:02:56 53248 C:\WINDOWS\system32\CSVer.dll
- 2010-04-16 22:58:42 . 2010-02-23 18:04:06 53248 C:\WINDOWS\system32\CSVer.dll
+ 2011-04-04 15:13:51 . 2004-07-09 02:27:28 48512 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\stream.sys
+ 2011-04-04 15:13:49 . 2002-12-11 22:14:32 13312 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\msdmo.dll
+ 2011-04-04 15:13:48 . 2002-12-11 22:14:32 34304 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mciqtz32.dll
+ 2011-04-04 15:13:48 . 2002-12-11 22:14:32 18944 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\encapi.dll
+ 2011-04-04 15:13:46 . 2002-12-11 22:14:32 46592 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe
+ 2011-04-04 15:13:48 . 2002-12-11 22:14:32 18432 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dswave.dll
+ 2011-04-04 15:13:44 . 2004-07-09 02:27:28 79360 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpwsockx.dll
+ 2011-04-04 15:13:46 . 2002-12-11 22:14:32 80896 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvsetup.exe
+ 2011-04-04 15:13:46 . 2002-12-11 22:14:32 19968 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvacm.dll
+ 2011-04-04 15:13:46 . 2002-12-11 22:14:32 16896 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnsvr.exe
+ 2011-04-04 15:13:45 . 2003-03-24 07:00:02 68096 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhupnp.dll
+ 2011-04-04 15:13:45 . 2003-03-24 07:00:02 32768 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhpast.dll
+ 2011-04-04 15:13:44 . 2002-12-11 22:14:32 77824 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpmodemx.dll
+ 2011-04-04 15:13:44 . 2002-12-11 22:14:32 28160 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplaysvr.exe
+ 2011-04-04 15:13:48 . 2002-12-11 22:14:32 98816 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmstyle.dll
+ 2011-04-04 15:13:48 . 2002-12-11 22:14:32 76800 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmscript.dll
+ 2011-04-04 15:13:48 . 2002-12-11 22:14:32 33280 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
+ 2011-04-04 15:13:48 . 2002-12-11 22:14:32 58368 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmcompos.dll
+ 2011-04-04 15:13:48 . 2002-12-11 22:14:32 27136 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmband.dll
+ 2011-04-04 15:13:44 . 2002-12-11 22:14:32 24064 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddrawex.dll
+ 2011-04-04 15:13:48 . 2002-12-11 22:14:32 64512 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\amstream.dll
+ 2011-02-11 20:36:51 . 2011-02-11 20:36:51 69632 C:\WINDOWS\Installer\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\NewShortcut2_01C721FC513240DBAFA32CDD8E8EF44C.exe
+ 2011-02-11 20:36:51 . 2011-02-11 20:36:51 69632 C:\WINDOWS\Installer\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\NewShortcut1_BC83074A2A3E40719890F014C2201AB8.exe
+ 2011-02-11 20:36:51 . 2011-02-11 20:36:51 57344 C:\WINDOWS\Installer\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\ARPPRODUCTICON.exe
+ 2010-04-17 08:18:27 . 2011-07-06 20:27:21 49152 C:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-04-17 08:18:27 . 2010-04-17 08:18:27 49152 C:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-02-11 21:15:49 . 2011-02-11 21:15:49 53248 C:\WINDOWS\Installer\{55498676-2209-4555-BFBA-0BDA82AAA98A}\ARPPRODUCTICON.exe
+ 2011-07-22 14:38:48 . 2011-07-22 14:38:48 77542 C:\WINDOWS\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-07-22 14:38:48 . 2011-07-22 14:38:48 77542 C:\WINDOWS\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-07-22 14:38:48 . 2011-07-22 14:38:48 77542 C:\WINDOWS\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-07-22 14:38:48 . 2011-07-22 14:38:48 77542 C:\WINDOWS\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-07-22 14:38:48 . 2011-07-22 14:38:48 77542 C:\WINDOWS\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\ARPPRODUCTICON.exe
+ 2011-04-04 15:13:51 . 2004-07-09 02:27:28 48512 C:\WINDOWS\Driver Cache\i386\stream.sys
+ 2011-04-04 15:13:44 . 2002-08-29 01:41:00 31744 C:\WINDOWS\Driver Cache\i386\pid.dll
+ 2011-01-09 20:59:39 . 2007-01-07 17:10:24 5936 C:\WINDOWS\system32\Samsung_USB_Drivers\6\ssbcwhnt.sys
+ 2011-01-09 20:59:39 . 2007-01-07 17:11:18 9360 C:\WINDOWS\system32\Samsung_USB_Drivers\6\ssbcmdfl.sys
+ 2011-01-09 20:59:39 . 2007-01-07 17:11:16 6272 C:\WINDOWS\system32\Samsung_USB_Drivers\6\ssbccmnt.sys
+ 2011-01-09 20:59:37 . 2006-07-21 11:12:52 5872 C:\WINDOWS\system32\Samsung_USB_Drivers\5\sssdwhnt.sys
+ 2011-01-09 20:59:37 . 2006-07-21 11:13:48 9232 C:\WINDOWS\system32\Samsung_USB_Drivers\5\sssdmdfl.sys
+ 2011-01-09 20:59:37 . 2006-07-21 11:15:26 6208 C:\WINDOWS\system32\Samsung_USB_Drivers\5\sssdcmnt.sys
+ 2011-02-11 20:37:39 . 2007-07-03 16:00:16 9256 C:\WINDOWS\system32\Samsung_USB_Drivers\3\i386\sscdwhnt.sys
+ 2011-02-11 20:37:39 . 2007-07-03 15:56:00 9256 C:\WINDOWS\system32\Samsung_USB_Drivers\3\i386\sscdcmnt.sys
+ 2011-01-09 20:59:34 . 2005-08-30 00:47:34 5840 C:\WINDOWS\system32\Samsung_USB_Drivers\2\ssm_whnt.sys
+ 2011-01-09 20:59:34 . 2005-08-30 00:49:34 8336 C:\WINDOWS\system32\Samsung_USB_Drivers\2\ssm_mdfl.sys
+ 2011-01-09 20:59:34 . 2005-08-30 00:49:28 6176 C:\WINDOWS\system32\Samsung_USB_Drivers\2\ssm_cmnt.sys
+ 2011-01-09 20:59:31 . 2005-08-30 16:57:14 5808 C:\WINDOWS\system32\Samsung_USB_Drivers\1\ss_whnt.sys
+ 2011-01-09 20:59:31 . 2005-08-30 16:58:56 8304 C:\WINDOWS\system32\Samsung_USB_Drivers\1\ss_mdfl.sys
+ 2011-01-09 20:59:31 . 2005-08-30 16:58:50 6144 C:\WINDOWS\system32\Samsung_USB_Drivers\1\ss_cmnt.sys
+ 2011-02-11 20:38:09 . 2007-05-02 15:31:54 8320 C:\WINDOWS\system32\DRVSTORE\nmwcdsac_880D94EACF26DB5FF04E2A3B3A16959D5F0A0274\nmwcdsac.sys
+ 2010-05-30 17:05:21 . 2009-12-30 09:30:48 7936 C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
+ 2011-01-09 20:59:09 . 2011-02-11 21:13:30 5632 C:\WINDOWS\system32\drivers\StarOpen.sys
+ 2010-12-09 14:15:27 . 2008-04-13 18:09:52 5504 C:\WINDOWS\system32\drivers\MSTEE.sys
+ 2011-04-04 15:13:51 . 2002-12-11 22:14:32 4096 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\swenum.sys
+ 2011-04-04 15:13:51 . 2002-12-11 22:14:32 5504 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mstee.sys
+ 2011-04-04 15:13:51 . 2001-08-23 03:00:00 4608 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mspqm.sys
+ 2011-04-04 15:13:51 . 2002-12-11 22:14:32 5248 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mspclock.sys
+ 2011-04-04 15:13:51 . 2002-12-11 22:14:32 7424 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mskssrv.sys
+ 2011-04-04 15:13:51 . 2002-12-11 22:14:32 4096 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ksuser.dll
+ 2011-04-04 15:13:45 . 2002-12-11 22:14:32 3072 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnlobby.dll
+ 2011-04-04 15:13:45 . 2002-12-11 22:14:32 3072 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnaddr.dll
+ 2011-04-04 15:13:44 . 2002-12-11 22:14:32 8192 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8thk.dll
+ 2011-02-11 20:38:11 . 2011-02-11 20:38:11 3262 C:\WINDOWS\Installer\{7E84FAC8-C518-40F9-9807-7455301D6D25}\ARPPRODUCTICON.exe
+ 2011-04-04 15:13:51 . 2002-12-11 22:14:32 4096 C:\WINDOWS\Driver Cache\i386\swenum.sys
+ 2011-04-04 15:13:51 . 2002-12-11 22:14:32 5504 C:\WINDOWS\Driver Cache\i386\mstee.sys
+ 2011-04-04 15:13:51 . 2001-08-23 03:00:00 4608 C:\WINDOWS\Driver Cache\i386\mspqm.sys
+ 2011-04-04 15:13:51 . 2002-12-11 22:14:32 5248 C:\WINDOWS\Driver Cache\i386\mspclock.sys
+ 2011-04-04 15:13:51 . 2002-12-11 22:14:32 7424 C:\WINDOWS\Driver Cache\i386\mskssrv.sys
+ 2011-04-04 15:13:51 . 2002-12-11 22:14:32 4096 C:\WINDOWS\Driver Cache\i386\ksuser.dll
+ 2011-07-22 13:53:36 . 2011-06-29 10:20:24 743936 C:\WINDOWS\ufa\ufa.exe
+ 2011-02-11 20:37:53 . 2009-03-09 14:20:00 103936 C:\WINDOWS\system32\Samsung_USB_Drivers\7\SSECUninstall.exe
+ 2011-02-11 20:37:53 . 2009-01-15 10:11:22 109312 C:\WINDOWS\system32\Samsung_USB_Drivers\7\i386\ssecunic.sys
+ 2011-02-11 20:37:53 . 2009-01-15 10:11:22 104192 C:\WINDOWS\system32\Samsung_USB_Drivers\7\i386\ssecobex.sys
+ 2011-02-11 20:37:53 . 2009-01-15 10:11:22 108032 C:\WINDOWS\system32\Samsung_USB_Drivers\7\i386\ssecmgmt.sys
+ 2011-02-11 20:37:53 . 2009-01-15 10:11:22 114304 C:\WINDOWS\system32\Samsung_USB_Drivers\7\i386\ssecmdm.sys
+ 2011-02-11 20:37:50 . 2007-07-05 11:38:16 109696 C:\WINDOWS\system32\Samsung_USB_Drivers\6_old\i386\ssbcmdm.sys
+ 2011-01-09 20:59:39 . 2007-01-07 17:11:22 100864 C:\WINDOWS\system32\Samsung_USB_Drivers\6\ssbcmdm.sys
+ 2011-02-11 20:37:46 . 2009-03-20 09:01:26 121856 C:\WINDOWS\system32\Samsung_USB_Drivers\6\i386\ss_bmdm.sys
+ 2011-01-09 20:59:37 . 2006-07-21 11:13:52 100304 C:\WINDOWS\system32\Samsung_USB_Drivers\5\sssdmdm.sys
+ 2011-02-11 20:37:42 . 2009-02-25 09:13:38 106368 C:\WINDOWS\system32\Samsung_USB_Drivers\5\i386\sssdobex.sys
+ 2011-02-11 20:37:42 . 2009-02-25 09:13:38 110208 C:\WINDOWS\system32\Samsung_USB_Drivers\5\i386\sssdmgmt.sys
+ 2011-02-11 20:37:42 . 2009-02-25 09:13:38 115968 C:\WINDOWS\system32\Samsung_USB_Drivers\5\i386\sssdmdm.sys
+ 2011-01-09 20:59:36 . 2005-12-22 11:24:52 108003 C:\WINDOWS\system32\Samsung_USB_Drivers\3\sscdserd.sys
+ 2011-01-09 20:59:36 . 2005-12-22 11:24:52 137884 C:\WINDOWS\system32\Samsung_USB_Drivers\3\sscdmdm.sys
+ 2011-02-11 20:37:39 . 2007-07-03 15:58:20 106792 C:\WINDOWS\system32\Samsung_USB_Drivers\3\i386\sscdmdm.sys
+ 2011-02-11 20:37:36 . 2007-05-02 10:12:36 109704 C:\WINDOWS\system32\Samsung_USB_Drivers\2\i386\ssm_mdm.sys
+ 2011-02-11 20:37:33 . 2007-05-02 10:11:18 109704 C:\WINDOWS\system32\Samsung_USB_Drivers\1\i386\ss_mdm.sys
+ 2010-12-25 22:10:55 . 2010-07-20 23:42:22 313960 C:\WINDOWS\system32\RtsUStor.dll
+ 2011-05-21 19:02:02 . 2006-06-20 08:56:42 225280 C:\WINDOWS\system32\rewire.dll
+ 2010-12-25 22:11:04 . 2008-10-07 21:06:34 158720 C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\RTS5121.sys
+ 2010-12-25 22:11:04 . 2008-09-18 21:27:38 266240 C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\rts5121.dll
+ 2001-10-25 15:00:00 . 2011-08-06 20:58:43 436972 C:\WINDOWS\system32\perfh009.dat
+ 2001-10-25 15:00:00 . 2011-08-06 20:58:43 437238 C:\WINDOWS\system32\perfh005.dat
+ 2010-04-16 20:54:53 . 2011-08-06 21:06:30 206928 C:\WINDOWS\system32\inetsrv\MetaBase.bin
+ 2011-02-11 20:37:24 . 2009-03-31 08:39:36 233472 C:\WINDOWS\system32\FsUsbExService.Exe
+ 2011-02-11 20:37:24 . 2009-03-31 08:39:36 110592 C:\WINDOWS\system32\FsUsbExDevice.Dll
+ 2011-01-09 20:59:49 . 2006-05-03 21:53:54 174592 C:\WINDOWS\system32\framedyn.dll
+ 2011-02-11 20:38:08 . 2007-05-02 15:32:34 135680 C:\WINDOWS\system32\DRVSTORE\nmwcdsa_880D94EACF26DB5FF04E2A3B3A16959D5F0A0274\nmwcdsa.sys
+ 2011-02-11 20:37:46 . 2009-03-20 09:01:26 121856 C:\WINDOWS\system32\drivers\ss_bmdm.sys
+ 2010-12-25 22:10:56 . 2010-07-20 23:43:14 194664 C:\WINDOWS\system32\drivers\RtsUStor.sys
+ 2011-04-04 15:01:30 . 2011-04-04 15:01:30 218688 C:\WINDOWS\system32\drivers\dtsoftbus01.sys
+ 2011-04-04 15:13:44 . 2001-08-23 03:00:00 223232 C:\WINDOWS\system32\dllcache\gcdef.dll
+ 2011-04-04 15:13:46 . 2004-07-09 02:27:28 974848 C:\WINDOWS\system32\dllcache\dxdiag.exe
+ 2011-04-04 15:13:46 . 2002-12-11 22:14:32 381952 C:\WINDOWS\system32\dllcache\dpvoice.dll
+ 2011-02-14 16:22:44 . 2011-02-14 16:22:44 108144 C:\WINDOWS\system32\CmdLineExt.dll
+ 2011-04-04 15:13:50 . 2002-12-11 22:14:32 733184 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qedwipes.dll
+ 2011-04-04 15:13:48 . 2004-07-09 02:27:28 470528 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdvd.dll
+ 2011-04-04 15:13:48 . 2004-07-09 02:27:28 316928 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdv.dll
+ 2011-04-04 15:13:48 . 2002-12-11 22:14:32 257024 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qcap.dll
+ 2011-04-04 15:13:50 . 2002-12-11 22:14:32 173056 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qasf.dll
+ 2011-04-04 15:13:49 . 2002-12-11 22:14:32 324096 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mswebdvd.dll
+ 2011-04-04 15:13:51 . 2002-12-11 22:14:32 130304 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ks.sys
+ 2011-04-04 15:13:46 . 2004-07-09 02:27:28 974848 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdiag.exe
+ 2011-04-04 15:13:44 . 2002-12-11 22:14:32 602624 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dx7vb.dll
+ 2011-04-04 15:13:44 . 2004-07-09 02:27:28 381952 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll
+ 2011-04-04 15:13:46 . 2002-12-11 22:14:32 491520 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsdmoprp.dll
+ 2011-04-04 15:13:46 . 2002-12-11 22:14:32 186880 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsdmo.dll
+ 2011-04-04 15:13:46 . 2002-12-11 22:14:32 112128 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvvox.dll
+ 2011-04-04 15:13:46 . 2002-12-11 22:14:32 381952 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvoice.dll
+ 2011-04-04 15:13:45 . 2002-12-11 22:14:32 723968 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnet.dll
+ 2011-04-04 15:13:44 . 2004-07-09 02:27:28 230400 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplayx.dll
+ 2011-04-04 15:13:48 . 2004-07-09 02:27:28 122880 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmusic.dll
+ 2011-04-04 15:13:48 . 2002-12-11 22:14:32 100864 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmsynth.dll
+ 2011-04-04 15:13:48 . 2004-07-09 02:27:28 181248 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmime.dll
+ 2011-04-04 15:13:48 . 2003-05-30 07:00:02 132608 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\devenum.dll
+ 2011-04-04 15:13:44 . 2004-07-09 02:27:28 292864 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll
+ 2011-04-04 15:13:44 . 2003-05-30 07:00:02 797184 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3dim700.dll
+ 2010-12-25 22:16:13 . 2010-12-25 22:16:13 424960 C:\WINDOWS\Installer\c2ff59.msi
+ 2011-01-09 20:59:23 . 2011-01-09 20:59:23 167424 C:\WINDOWS\Installer\b7d8967.msi
+ 2007-10-29 19:56:32 . 2007-10-29 19:56:32 822784 C:\WINDOWS\Installer\b7d8962.msi
+ 2011-06-07 19:17:03 . 2011-06-07 19:17:03 890880 C:\WINDOWS\Installer\1e7fc.msi
+ 2011-02-11 20:38:10 . 2011-02-11 20:38:10 176128 C:\WINDOWS\Installer\12c66ef.msi
+ 2011-04-04 15:13:51 . 2002-12-11 22:14:32 130304 C:\WINDOWS\Driver Cache\i386\ks.sys
+ 2011-02-11 20:36:44 . 2011-02-11 20:36:45 1230336 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
+ 2010-12-25 22:10:55 . 2010-07-20 23:42:28 9112168 C:\WINDOWS\system32\RtsUStoricon.dll
+ 2010-12-25 22:11:04 . 2008-08-27 18:47:26 6963200 C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\rts5121icon.dll
+ 2011-04-13 22:40:10 . 2011-04-13 22:40:10 4284416 C:\WINDOWS\system32\GPhotos.scr
+ 2011-04-04 15:13:48 . 2003-05-30 07:00:02 1962496 C:\WINDOWS\system32\dllcache\quartz.dll
+ 2011-04-04 15:14:22 . 2005-07-22 17:59:04 2319568 C:\WINDOWS\system32\d3dx9_27.dll
+ 2011-04-04 15:13:48 . 2003-05-30 07:00:02 1962496 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\quartz.dll
+ 2011-04-04 15:13:50 . 2002-12-11 22:14:32 1798144 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qedit.dll
+ 2011-04-04 15:13:44 . 2003-05-30 07:00:02 1189888 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dx8vb.dll
+ 2011-04-04 15:13:44 . 2002-12-11 22:14:32 1294336 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound3d.dll
+ 2011-04-04 15:13:48 . 2004-07-09 02:27:28 1201152 C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8.dll
+ 2011-07-22 14:38:46 . 2011-07-22 14:38:46 1597440 C:\WINDOWS\Installer\2bd2aa.msi
+ 2011-07-06 20:26:40 . 2011-07-06 20:26:40 20333056 C:\WINDOWS\Installer\7542cde.msp
+ 2011-02-11 20:36:46 . 2011-02-11 20:36:49 35743744 C:\WINDOWS\Installer\12c66e8.msi
+ 2011-02-11 21:15:41 . 2011-02-11 21:15:42 190102016 C:\WINDOWS\Installer\1529e0d.msi

-- Snímek resetován k současnému datu --

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2010-06-13 15:25:14 138552]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51:30 3911776 -c--a-w- D:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
2010-02-11 07:58:56 185856 -c--a-w- D:\program files\Get Styles\enlbrdr.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2010-06-13 15:25:12 1438520 -c--a-w- D:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-06-13 15:25:12 1438520]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "D:\Program Files\ConduitEngine\ConduitEngine.dll" [2010-12-09 11:51:30 3911776]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-06-13 15:25:12 1438520]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43:46 122512 -c--a-w- D:\program files\AVAST Software\Avast\ashShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutoStartNPSAgent"="D:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2011-02-11 21:13:41 102400]
"DAEMON Tools Lite"="D:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 09:20:12 1305408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 13:02:16 1430824]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 11:56:34 64512]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2008-11-05 16:33:39 77312]
"DrvIcon"="C:\Program Files\Vista Components\Vista Drive Icon\DrvIcon.exe" [2007-07-04 19:59:02 45056]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 02:30:48 33648]
"AzMixerSel"="C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe" [2006-07-18 05:40:30 53248]
"PLFSetL"="C:\WINDOWS\PLFSetL.exe" [2008-07-03 11:28:22 94208]
"PLFSetI"="C:\WINDOWS\PLFSetI.exe" [2008-07-29 14:59:26 200704]
"RTHDCPL"="RTHDCPL.EXE" [2010-03-26 13:31:32 19522592]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-09 21:28:38 98304]
"SweetIM"="D:\Program Files\SweetIM\Messenger\SweetIM.exe" [2010-06-07 13:32:12 111928]
"avast"="D:\Program Files\AVAST Software\Avast\avastUI.exe" [2011-07-04 11:43:54 3493720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-10-19 06:35:36 66560]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-11-1 576104]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Driver Genius.lnk]
backup=C:\WINDOWS\pss\Driver Genius.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04:47 35760 ----a-w- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20:12 1305408 -c--a-w- D:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2011-05-25 15:29:54 1951112 -c--a-w- D:\program files\LogMeIn Hamachi\hamachi-2-ui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50:42 155648 ----a-r- C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 08:57:36 1451520 -c--a-w- D:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-04-11 06:16:12 1276416 ----a-w- C:\Program Files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-04-06 00:27:46 26102056 ----a-r- C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-06-09 23:57:04 144784 ----a-w- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\ICQ7.1\\ICQ.exe"=
"C:\\Program Files\\ICQ7.1\\aolload.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"D:\\Hry\\Metin2_CZ\\metin2client.bin"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"D:\\Hry\\Medal of Honor Airborne\\UnrealEngine3\\Binaries\\MOHA.exe"=
"D:\\Hry\\Metin2_CZ\\metin2.bin"=
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"D:\\program files\\Bonjour\\mDNSResponder.exe"=
"D:\\nbs\\NBA 2K10 RePack by Chikatila\\nba2k10.exe"=
"D:\\program files\\Valve\\hlds.exe"=
"D:\\program files\\Valve\\hl.exe"=
"D:\\program files\\HLSW\\hlsw.exe"=
"D:\\program files\\Miranda IM KP v5.0.8.15\\miranda32.exe"=
"D:\\program files\\Opera\\opera.exe"=
"D:\\program files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"D:\\program files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"D:\\program files\\uTorrent\\uTorrent.exe"=
"D:\\program files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"D:\\Hry\\Landwirtschafts Simulator 2011\\FarmingSimulator2011.exe"=
"D:\\Hry\\Landwirtschafts Simulator 2011\\game.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"19462:TCP"= 19462:TCP:BitComet 19462 TCP
"19462:UDP"= 19462:UDP:BitComet 19462 UDP

R0 vax347b;vax347b;C:\WINDOWS\system32\drivers\vax347b.sys [16.4.2010 20:45:32 159616]
R0 vax347s;vax347s;C:\WINDOWS\system32\drivers\vax347s.sys [16.4.2010 20:45:32 5248]
R1 aswSnx;aswSnx;C:\WINDOWS\system32\drivers\aswSnx.sys [23.7.2011 12:58:14 441176]
R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [17.4.2010 1:31:25 309848]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\WINDOWS\system32\drivers\dtsoftbus01.sys [4.4.2011 17:01:30 218688]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [17.4.2010 1:31:25 19544]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [27.8.2009 17:09:10 1253376]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [11.2.2011 22:37:24 233472]
R2 GtDetectSc;GtDetectSc;C:\Program Files\Option\Acer 3G Connection Manager\GtDetectSc.exe [30.4.2008 16:52:36 200704]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;D:\program files\LogMeIn Hamachi\hamachi-2.exe [25.5.2011 17:29:48 1336712]
R2 IconMan_R;IconMan_R;D:\program files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [26.12.2010 0:11:08 1809920]
R2 QDLService;Qualcomm Gobi Download Service;C:\QUALCOMM\QDLService\QDLService.exe [29.10.2008 5:41:30 345336]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [11.2.2011 22:37:24 36608]
R3 gHidPnp;USB Device Enhanced Function Driver;C:\WINDOWS\system32\drivers\gHidPnp.sys [26.12.2010 0:15:13 20480]
R3 gMouUsb;USB Mouse Device Drv;C:\WINDOWS\system32\drivers\gMouUsb.sys [26.12.2010 0:15:13 11520]
S2 GeniusMouseService;GeniusMouseService;D:\Genius\ioCentre\GMouseService.exe --> D:\Genius\ioCentre\GMouseService.exe [?]
S3 Ambfilt;Ambfilt;C:\WINDOWS\system32\drivers\Ambfilt.sys [17.4.2010 0:49:13 1691480]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [7.8.2008 11:10:02 3276800]
S3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet;C:\WINDOWS\system32\drivers\k57xp32.sys [17.4.2010 11:12:45 186880]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\WINDOWS\system32\drivers\RtsUStor.sys [26.12.2010 0:10:56 194664]
S3 Rts516xIR;Realtek IR Driver;C:\WINDOWS\system32\DRIVERS\Rts516xIR.sys --> C:\WINDOWS\system32\DRIVERS\Rts516xIR.sys [?]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);C:\WINDOWS\system32\drivers\s0016bus.sys [17.4.2010 10:04:27 89256]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [11.2.2011 22:37:46 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [11.2.2011 22:37:46 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [11.2.2011 22:37:46 121856]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2008-10-16 19:33:48 124928 ----a-w- C:\WINDOWS\system32\advpack.dll

Obsah adresáře 'Naplánované úlohy'

2011-08-06 C:\WINDOWS\Tasks\AWC AutoSweep.job
- D:\Program Files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-06-19 12:48:53 . 2010-01-22 13:11:04]


------- Doplňkový sken -------

mStart Page = hxxp://home.sweetim.com
IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout odkaz s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
TCP: DhcpNameServer = 82.100.3.1 62.240.162.158
FF - ProfilePath - C:\Documents and Settings\asdfg\Data aplikací\Mozilla\Firefox\Profiles\ca3sdkui.default\

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
MSConfigStartUp-Sony Ericsson PC Suite - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
AddRemove-Cool's_Codec_pack_4.12 - C:\WINDOWS\iun6002.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-06 23:06:08
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

Re: Virus from Fb Ntb :))

Post by autoprd » 06 Aug 2011 23:20

I'm also attaching a new log from HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:20:31, on 6.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Vista Components\Vista Drive Icon\DrvIcon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\PLFSetI.exe
C:\WINDOWS\RTHDCPL.EXE
D:\Program Files\SweetIM\Messenger\SweetIM.exe
D:\Program Files\AVAST Software\Avast\avastUI.exe
D:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\arservice.exe
D:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Option\Acer 3G Connection Manager\GtDetectSc.exe
D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
D:\program files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
D:\Hry\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
C:\QUALCOMM\QDLService\QDLService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\program files\Nokia\PC Connectivity Solution\ServiceLayer.exe
D:\program files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
D:\program files\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
D:\program files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: GdfrDUEn Class - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - D:\Program Files\Get Styles\enlbrdr.dll
O2 - BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Components\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SweetIM] D:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast] "D:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [AutoStartNPSAgent] D:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: GeniusMouseService - Unknown owner - D:\Genius\ioCentre\GMouseService.exe (file missing)
O23 - Service: GtDetectSc - OptionNV - C:\Program Files\Option\Acer 3G Connection Manager\GtDetectSc.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - D:\program files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - D:\Hry\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
O23 - Service: Qualcomm Gobi Download Service (QDLService) - QUALCOMM, Inc. - C:\QUALCOMM\QDLService\QDLService.exe
O23 - Service: ServiceLayer - Nokia - D:\program files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 11257 bytes

Re: Virus from Fb Ntb :))

Post by bledulka » 07 Aug 2011 08:57

Move ComboFix to the desktop
- Open Notepad
- Copy the text from this box into it

File::
C:\WINDOWS\unrar.exe

Folder::
C:\WINDOWS\av_ico
C:\WINDOWS\ufa
D:\Program Files\SweetIM

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

 

- Save the resulting TXT file as CFScript.txt on the desktop, then drag it with the left mouse button onto the ComboFix icon and drop it there

- After the scan has run and ComboFix has finished, a log should appear; paste it here.

Warning: It may happen that after the script is applied and the computer restarts, Windows will not boot; in that case restart the computer again, keep pressing F8 and then choose Last Known Good Configuration.

Re: Virus from Fb Ntb :))

Post by autoprd » 10 Aug 2011 16:42

So first I tried CF in normal mode; at stage 50 it restarted again, so I ran it in safe mode, where a restore point was created and the PC shuts down just before stage 1

Re: Virus from Fb Ntb :))

Post by jaro3 » 10 Aug 2011 22:12

Don't run the script....

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner

and also use T-Cleaner

http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

It deletes everything left behind by ComboFix, MWAV, etc. - download it > run it

Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate your antivirus and antispyware; afterwards delete T-Cleaner and turn your antivirus and antispyware back on.



Download OTL by OldTimer to the desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Virus from Fb Ntb :))

Post by autoprd » 11 Aug 2011 13:20

OTL logfile created on: 11.8.2011 13:09:48 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\asdfg\Plocha
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,43% Memory free
3,85 Gb Paging File | 3,39 Gb Available in Paging File | 88,02% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 26,30 Gb Total Space | 3,95 Gb Free Space | 15,04% Space Free | Partition Type: NTFS
Drive D: | 439,46 Gb Total Space | 256,21 Gb Free Space | 58,30% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: asdfg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\asdfg\Plocha\OTL.exe (OldTimer Tools)
PRC - D:\program files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - D:\program files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - D:\program files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - D:\program files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - D:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
PRC - D:\program files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\QUALCOMM\QDLService\QDLService.exe (QUALCOMM, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Option\Acer 3G Connection Manager\GtDetectSc.exe (OptionNV)
PRC - C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - D:\Hry\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe ()
PRC - C:\Program Files\Vista Components\Vista Drive Icon\DrvIcon.exe (artArmin)
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\asdfg\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (wuauserv) -- File not found
SRV - (GeniusMouseService) -- File not found
SRV - (avast! Antivirus) -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Hamachi2Svc) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (IconMan_R) -- D:\program files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ServiceLayer) -- D:\program files\Nokia\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (ARSVC) -- C:\WINDOWS\arservice.exe (Microsoft)
SRV - (QDLService) -- C:\QUALCOMM\QDLService\QDLService.exe (QUALCOMM, Inc.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (GtDetectSc) -- C:\Program Files\Option\Acer 3G Connection Manager\GtDetectSc.exe (OptionNV)
SRV - (W3SVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (IISADMIN) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (PnkBstrA) -- D:\Hry\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe ()
SRV - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
SRV - (StarWindService) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)


========== Driver Services (SafeList) ==========

DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (RSUSBSTOR) -- C:\WINDOWS\system32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (gMouUsb) -- C:\WINDOWS\system32\drivers\gMouUsb.sys ()
DRV - (gHidPnp) -- C:\WINDOWS\system32\drivers\gHidPnp.sys ()
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (RTHDMIAzAudService) -- C:\WINDOWS\system32\drivers\RtHDMI.sys (Realtek Semiconductor Corp.)
DRV - (kbfiltr) -- C:\WINDOWS\system32\drivers\kbfiltr.sys ( )
DRV - (KMWDFILTER) -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (k57w2k) Broadcom NetLink (TM) -- C:\WINDOWS\system32\drivers\k57xp32.sys (Broadcom Corporation)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\system32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech Inc.)
DRV - (vax347b) -- C:\WINDOWS\system32\DRIVERS\vax347b.sys ( )
DRV - (vax347s) -- C:\WINDOWS\System32\Drivers\vax347s.sys ( )


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: D:\program files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\Program Files\AVAST Software\Avast\WebRep\FF [2011.07.23 12:57:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.07.06 22:33:51 | 000,000,000 | ---D | M]

[2011.07.06 22:33:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\asdfg\Data aplikací\Mozilla\Extensions
[2011.07.06 22:33:51 | 000,000,000 | ---D | M] (No name found) -- D:\program files\Mozilla Firefox\extensions
[2011.07.06 22:33:51 | 000,000,000 | ---D | M] (Default) -- D:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) --
[2011.07.23 12:57:59 | 000,000,000 | ---D | M] (avast! WebRep) -- D:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011.06.16 06:30:16 | 000,142,296 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,002,364 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\google.xml
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.08.06 23:04:07 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\program files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\program files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [avast] D:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Components\Vista Drive Icon\DrvIcon.exe (artArmin)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\program files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe ()
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] D:\program files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKCU..\Run: [AutoStartNPSAgent] D:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\program files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.100.3.1 62.240.162.158
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\wgalogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\asdfg\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\asdfg\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.08.11 13:08:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\asdfg\Recent
[2011.08.11 13:07:07 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\asdfg\Plocha\OTL.exe
[2011.08.10 16:25:31 | 000,232,512 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2011.08.10 16:03:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\DAEMON Tools Lite
[2011.08.10 16:03:03 | 000,000,000 | ---D | C] -- D:\Program Files\DAEMON Tools Lite
[2011.08.07 22:36:40 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.08.07 22:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
[2011.08.07 12:03:06 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.08.06 23:35:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\asdfg\Data aplikací\Ashampoo
[2011.08.06 23:35:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\asdfg\Local Settings\Data aplikací\ashampoo
[2011.08.06 23:35:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.08.06 23:35:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Ashampoo
[2011.08.06 23:35:01 | 000,000,000 | ---D | C] -- D:\Program Files\Ashampoo
[2011.08.06 23:03:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.08.06 22:54:20 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011.07.23 12:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2011.07.23 12:58:14 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.07.23 12:57:45 | 000,000,000 | ---D | C] -- D:\Program Files\AVAST Software
[2011.07.23 12:57:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.07.23 12:42:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\asdfg\Data aplikací\Malwarebytes
[2011.07.23 12:42:37 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.07.23 12:42:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.07.23 12:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.07.23 12:42:33 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.07.23 12:42:33 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malware
[2011.07.22 16:38:45 | 000,000,000 | ---D | C] -- D:\Program Files\ATI
[2011.07.22 16:38:30 | 000,000,000 | ---D | C] -- D:\Program Files\ATI Technologies
[2011.07.22 15:53:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
[2011.07.22 15:52:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\WinRAR
[2011.07.21 19:31:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
[2011.01.09 11:48:12 | 000,462,112 | ---- | C] (How Inc.) -- C:\Program Files\Common Files\ZugoInstaller.exe
[2010.12.26 00:15:51 | 000,013,880 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\kbfiltr.sys
[2010.04.17 01:05:54 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010.04.17 01:05:50 | 000,229,376 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2010.04.16 20:45:32 | 000,159,616 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\vax347b.sys
[2010.04.16 20:45:32 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\vax347s.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.08.11 13:07:12 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\asdfg\Plocha\OTL.exe
[2011.08.11 13:05:04 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\gsmfxeu.sys
[2011.08.10 22:40:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.10 21:42:16 | 000,001,704 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.08.10 16:43:22 | 000,437,750 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.08.10 16:43:22 | 000,437,306 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.08.10 16:43:22 | 000,084,580 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.08.10 16:43:22 | 000,071,774 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.08.10 16:39:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.08.10 16:38:47 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job
[2011.08.10 16:38:21 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.10 16:37:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.08.10 16:37:45 | 2142,158,848 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.10 16:25:32 | 000,232,512 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2011.08.10 16:03:12 | 000,001,520 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2011.08.10 00:25:17 | 000,007,680 | ---- | M] () -- C:\Documents and Settings\asdfg\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.08 00:00:56 | 000,055,425 | ---- | M] () -- C:\Documents and Settings\asdfg\Plocha\p08.jpg
[2011.08.07 23:54:28 | 923,043,056 | ---- | M] () -- C:\Documents and Settings\asdfg\Plocha\THOR-akční-thriller-drama-fantasy-horor-scifi-novinka-2011-cz-title-avi.avi
[2011.08.07 22:36:40 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.08.06 23:52:05 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[2011.08.06 23:35:08 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Ashampoo Burning Studio 6 FREE.lnk
[2011.08.06 23:04:07 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.08.05 18:57:40 | 741,025,792 | ---- | M] () -- C:\Documents and Settings\asdfg\Plocha\rychlejsi-cz-dabing-akcni-novinky-2011.avi
[2011.08.04 22:45:32 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\asdfg\Plocha\Skype.lnk
[2011.07.23 12:58:17 | 000,001,588 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2011.07.23 12:58:14 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.07.23 12:42:37 | 000,000,677 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.07.22 17:32:20 | 000,001,618 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2011.07.22 16:48:02 | 000,000,429 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2011.07.22 15:53:34 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe
[2011.07.21 19:30:33 | 000,000,215 | ---- | M] () -- C:\boot.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.11 13:05:04 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\gsmfxeu.sys
[2011.08.10 16:37:45 | 2142,158,848 | -HS- | C] () -- C:\hiberfil.sys
[2011.08.10 16:03:12 | 000,001,520 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2011.08.09 18:10:56 | 923,043,056 | ---- | C] () -- C:\Documents and Settings\asdfg\Plocha\THOR-akční-thriller-drama-fantasy-horor-scifi-novinka-2011-cz-title-avi.avi
[2011.08.09 18:10:09 | 741,025,792 | ---- | C] () -- C:\Documents and Settings\asdfg\Plocha\rychlejsi-cz-dabing-akcni-novinky-2011.avi
[2011.08.08 00:00:55 | 000,055,425 | ---- | C] () -- C:\Documents and Settings\asdfg\Plocha\p08.jpg
[2011.08.07 22:30:45 | 000,001,704 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.08.07 22:30:19 | 000,000,938 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.07 22:30:18 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.06 23:35:08 | 000,000,705 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Ashampoo Burning Studio 6 FREE.lnk
[2011.07.23 12:58:17 | 000,001,588 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2011.07.23 12:42:37 | 000,000,677 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.07.22 15:52:49 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
[2011.02.11 22:37:24 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011.02.11 22:37:24 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011.02.11 22:37:14 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\asdfg\Data aplikací\$_hpcst$.hpc
[2011.01.09 23:00:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LauncherAccess.dt
[2011.01.09 22:59:09 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010.12.26 00:15:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\gHidPnp.sys
[2010.12.26 00:15:13 | 000,011,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\gMouUsb.sys
[2010.10.16 18:48:05 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2010.05.05 22:37:20 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.18 14:27:31 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.04.18 14:27:31 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.04.18 14:27:31 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010.04.18 13:55:39 | 000,028,712 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2010.04.18 10:59:02 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\asdfg\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.17 11:16:10 | 000,014,028 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2010.04.17 01:31:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.04.17 01:13:43 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010.04.17 01:07:27 | 000,626,688 | ---- | C] () -- C:\WINDOWS\Image.dll
[2010.04.17 01:07:27 | 000,200,704 | ---- | C] () -- C:\WINDOWS\PLFSetI.exe
[2010.04.17 01:07:27 | 000,020,480 | ---- | C] () -- C:\WINDOWS\USB_VIDEO_REG.exe
[2010.04.17 01:06:51 | 000,106,496 | ---- | C] () -- C:\WINDOWS\FixUVC.exe
[2010.04.17 01:05:54 | 001,754,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010.04.17 01:05:54 | 000,028,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010.04.17 01:05:54 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2010.04.17 01:05:54 | 000,000,036 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2010.04.17 00:49:35 | 000,090,772 | R--- | C] () -- C:\WINDOWS\System32\drivers\RtConvEQ.DAT
[2010.04.17 00:49:35 | 000,000,536 | R--- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat
[2010.04.17 00:49:35 | 000,000,008 | R--- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2010.04.17 00:37:53 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.04.17 00:36:22 | 000,001,618 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010.04.17 00:11:27 | 001,591,808 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.16 23:30:31 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\asdfg\Local Settings\Data aplikací\fusioncache.dat
[2010.04.16 23:28:21 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.04.16 23:28:19 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.04.16 23:28:19 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.04.16 23:28:19 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.04.16 23:28:18 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.04.16 23:06:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.04.16 22:55:16 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.04.16 22:47:27 | 000,058,716 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2010.04.16 22:47:27 | 000,014,691 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2010.04.16 22:47:25 | 000,018,097 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2010.04.16 22:29:31 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.04.16 21:10:42 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.04.16 21:02:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.04.16 21:02:20 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010.04.16 21:02:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2010.04.16 21:02:19 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2010.04.16 21:02:19 | 000,196,565 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.04.16 21:02:19 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008.11.26 07:55:01 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\setupold.exe
[2008.11.05 18:33:39 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2008.09.26 22:27:04 | 000,049,664 | ---- | C] () -- C:\WINDOWS\System32\VCDControlTool.exe
[2008.09.26 22:13:12 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\XXMKLINK.exe
[2008.09.22 16:51:34 | 000,000,192 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008.07.31 15:50:30 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\CMDOW.exe
[2008.07.31 15:50:19 | 000,026,013 | ---- | C] () -- C:\WINDOWS\System32\SLEEP.exe
[2008.04.14 10:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007.11.01 16:53:34 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.11.01 16:43:30 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2007.06.19 08:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.04.20 07:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.12.31 08:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.10.10 00:12:14 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001.10.25 17:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 17:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 17:00:00 | 000,437,750 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 17:00:00 | 000,437,306 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 17:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 17:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 17:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 17:00:00 | 000,084,580 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 17:00:00 | 000,071,774 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 17:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 17:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 17:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 17:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 17:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011.08.06 23:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.07.23 12:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2010.04.17 10:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2011.04.04 16:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.04.16 22:24:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.05.30 18:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.10.16 18:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MAGIX
[2010.05.30 18:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.04.17 11:14:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\QUALCOMM
[2010.04.17 11:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ralink
[2010.04.17 09:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2010.04.16 19:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WLAN
[2010.05.14 19:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\2K Sports
[2011.08.06 23:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\Ashampoo
[2011.04.04 17:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\DAEMON Tools Lite
[2010.07.05 18:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\HLSW
[2011.03.22 21:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\ICQ
[2010.10.16 23:40:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\IObit
[2010.10.16 18:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\MAGIX
[2011.04.24 20:26:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\My Battle for Middle-earth(tm) II Files
[2010.05.30 19:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\Nokia
[2010.07.16 21:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\Opera
[2010.10.29 00:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\PC Suite
[2011.07.20 14:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\PriceGong
[2011.02.11 22:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\Samsung
[2011.02.15 22:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\asdfg\Data aplikací\uTorrent
[2011.08.10 16:38:47 | 000,000,376 | ---- | M] () -- C:\WINDOWS\Tasks\AWC AutoSweep.job

========== Purity Check ==========



< End of report >

