
Log check
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello - I would like to ask for a log check!
Logfile of random's system information tool 1.09 (written by random/random)
Run by Maca at 2011-07-09 09:44:41
Systém Microsoft Windows XP Professional Service Pack 2
System drive D: has 12 GB (32%) free of 38 GB
Total RAM: 1014 MB (29% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:44:42, on 9.7.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\igfxtray.exe
D:\WINDOWS\system32\hkcmd.exe
D:\WINDOWS\system32\igfxpers.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\AGRSMMSG.exe
D:\WINDOWS\system32\igfxsrvc.exe
D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
D:\Program Files\BenQ\BenQ Surround\BenQSurround.exe
D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
D:\Program Files\BenQ\Q-HotkeyMgr\HotkeySensor.exe
D:\Program Files\Ekahau\Ekahau Wireless Utility\ACU.exe
D:\Program Files\Winamp\winampa.exe
D:\Program Files\Notebook Hardware Control\nhc.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
D:\WINDOWS\Twain_32\Samsung\SCX4623\Scan2pc.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\ICQ7.4\ICQ.exe
D:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\acs.exe
D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
D:\Program Files\ICQ6Toolbar\ICQ Service.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\CyberLink\Shared Files\RichVideo.exe
D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\internet explorer\iexplore.exe
D:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Documents and Settings\Maca\Plocha\RSIT.exe
D:\Program Files\trend micro\Maca.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - D:\Program Files\vShare\vshare_toolbar.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - D:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll
O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - D:\Program Files\vShare\vshare_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] D:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BenQSurround] D:\Program Files\BenQ\BenQ Surround\BenQSurround.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "D:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Q-HotkeyMgr] "D:\Program Files\BenQ\Q-HotkeyMgr\HotkeySensor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ACU] "D:\Program Files\Ekahau\Ekahau Wireless Utility\ACU.exe" -nogui
O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NotebookHardwareControl] "D:\Program Files\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] D:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [4623 Scan2PC] "D:\WINDOWS\Twain_32\Samsung\SCX4623\Scan2pc.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "D:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "D:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... YYYYYYYYCZ
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 7934784652
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - D:\Program Files\vShare\vshare_toolbar.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Ekahau Configuration Service (ACS) - Unknown owner - D:\WINDOWS\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Služba Google Update (gupdate1c996bee849d438) (gupdate1c996bee849d438) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - D:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Samsung Network Fax Server - Unknown owner - D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe
--
End of file - 11865 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\Google Software Updater.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://vshare.toolbarhome.com/?hp=df"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, jqs@sun.com:1.0, vshare@toolbar:1.0.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19"
prefs.js - "keyword.URL" - "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
"jqs@sun.com"=D:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe Flash Player 9.0
"Path"=D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=13]
"Description"=Google Updater
"Path"=D:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=D:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=D:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
D:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
D:\Program Files\Mozilla Firefox\components\
aboutRights.js
aboutRobots.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
txEXSLTRegExFunctions.js
WebContentConverter.js
D:\Program Files\Mozilla Firefox\plugins\
flashplayer.xpt
npdeploytk.dll
npnul32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
NPSWF32.dll
NPSWF32_FlashUtil.exe
QuickTimePlugin.class
D:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\
vshare@toolbar
{800b5000-a755-47e1-992b-48a1c1357f07}
D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
web-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}]
vShare Toolbar - D:\Program Files\vShare\vshare_toolbar.dll [2011-01-25 482360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - D:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Java\jre6\bin\ssv.dll [2008-12-12 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-06-29 305328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-05-23 1007160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-12 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-12 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll [2010-09-06 1048888]
{043C5167-00BB-4324-AF7E-62013FAEDACF} - vShare Toolbar - D:\Program Files\vShare\vshare_toolbar.dll [2011-01-25 482360]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-06-29 305328]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=D:\WINDOWS\system32\igfxtray.exe [2008-04-05 138008]
"HotKeysCmds"=D:\WINDOWS\system32\hkcmd.exe [2008-04-05 162584]
"Persistence"=D:\WINDOWS\system32\igfxpers.exe [2008-04-05 138008]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
"AGRSMMSG"=D:\WINDOWS\AGRSMMSG.exe [2008-04-05 88363]
"SynTPEnh"=D:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-04-19 861744]
"BenQSurround"=D:\Program Files\BenQ\BenQ Surround\BenQSurround.exe [2007-04-20 1187840]
"NeroFilterCheck"=D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"RemoteControl"=D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=D:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"Q-HotkeyMgr"=D:\Program Files\BenQ\Q-HotkeyMgr\HotkeySensor.exe [2007-03-22 237673]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"ACU"=D:\Program Files\Ekahau\Ekahau Wireless Utility\ACU.exe [2006-05-09 303104]
"WinampAgent"=D:\Program Files\Winamp\winampa.exe [2008-03-27 36352]
"NotebookHardwareControl"=D:\Program Files\Notebook Hardware Control\nhc.exe [2007-05-04 2629632]
"QuickTime Task"=D:\Program Files\QuickTime\qttask.exe [2008-03-28 413696]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2008-12-12 136600]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"Samsung PanelMgr"=D:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2009-08-14 614400]
"4623 Scan2PC"=D:\WINDOWS\Twain_32\Samsung\SCX4623\Scan2pc.exe [2009-09-10 1968640]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"swg"=D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-24 39408]
"T-Mobile Communication Centre"=D:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2008-10-07 1495072]
"Skype"=D:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"ICQ"=D:\Program Files\ICQ7.4\ICQ.exe [2011-04-10 119608]
D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - D:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
D:\Documents and Settings\Maca\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
D:\WINDOWS\system32\igfxdev.dll [2008-04-05 204800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="D:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"D:\Program Files\WIP Miranda IM 1.7\miranda32.exe"="D:\Program Files\WIP Miranda IM 1.7\miranda32.exe:*:Enabled:Miranda IM"
"D:\Program Files\WIP Miranda IM 1.7.3\miranda32.exe"="D:\Program Files\WIP Miranda IM 1.7.3\miranda32.exe:*:Enabled:Miranda IM"
"D:\Program Files\ICQ6.5\ICQ.exe"="D:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\WINDOWS\twain_32\Samsung\ScanMgr.exe"="D:\WINDOWS\twain_32\Samsung\ScanMgr.exe:*:Enabled:Scan Manger"
"D:\WINDOWS\twain_32\Samsung\SCX4623\Scan2Pc.exe"="D:\WINDOWS\twain_32\Samsung\SCX4623\Scan2Pc.exe:*:Enabled:ScanToPC"
"D:\WINDOWS\twain_32\Samsung\SCX4623\Sscan2io.exe"="D:\WINDOWS\twain_32\Samsung\SCX4623\Sscan2io.exe:*:Enabled:SScanToIO"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\Program Files\ICQ7.4\ICQ.exe"="D:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"D:\Program Files\BitLord2\BitLord.exe"="D:\Program Files\BitLord2\BitLord.exe:*:Enabled:Bitlord2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\ICQ7.4\ICQ.exe"="D:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=D:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======List of files/folders created in the last 1 month======
======List of files/folders modified in the last 1 month======
2011-07-09 09:44:41 ----D---- D:\WINDOWS\Prefetch
2011-07-09 09:44:41 ----D---- D:\Program Files\Trend Micro
2011-07-09 09:36:10 ----D---- D:\Documents and Settings\Maca\Data aplikací\Skype
2011-07-09 09:31:43 ----D---- D:\WINDOWS\Temp
2011-07-09 08:06:12 ----D---- D:\Documents and Settings\Maca\Data aplikací\skypePM
2011-07-09 04:06:27 ----SHD---- D:\WINDOWS\Installer
2011-07-09 04:06:08 ----D---- D:\Program Files\Google
2011-07-09 00:04:00 ----A---- D:\WINDOWS\SchedLgU.Txt
2011-07-08 18:22:31 ----SD---- D:\WINDOWS\Tasks
2011-07-08 18:22:22 ----D---- D:\Documents and Settings\All Users\Data aplikací\Google Updater
2011-07-07 16:45:10 ----D---- D:\WINDOWS\Microsoft.NET
2011-07-07 16:36:17 ----D---- D:\Documents and Settings\Maca\Data aplikací\ICQ
2011-06-19 22:06:40 ----A---- D:\WINDOWS\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; D:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 PxHelp20;PxHelp20; D:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-08-17 51376]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; D:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-11 21275]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-08-17 94160]
R2 QBIOSIo;QBIOSIo.dll; D:\WINDOWS\system32\QBIOSIo.dll [2007-01-20 11520]
R3 AgereSoftModem;Agere Systems Soft Modem; D:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-04-05 1270540]
R3 AR5211;Atheros Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-10-20 478432]
R3 Arp1394;Protokol 1394 ARP Client; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-08-17 23152]
R3 btaudio;Bluetooth Audio Device; D:\WINDOWS\system32\drivers\btaudio.sys [2006-06-07 329901]
R3 btkrnl;Bluetooth Bus Enumerator; D:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-06-07 855018]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; D:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-04-05 5700096]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-10 4449280]
R3 nhcDriverDevice;Notebook Hardware Control Driver; \??\D:\WINDOWS\system32\drivers\nhcDriver.sys []
R3 NIC1394;1394 Net Driver; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
R3 rimmptsk;rimmptsk; D:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
R3 rimsptsk;rimsptsk; D:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2006-09-08 51328]
R3 rismxdp;Ricoh xD-Picture Card Driver; D:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]
R3 sdbus;sdbus; D:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-03 67584]
R3 SynTP;Synaptics TouchPad Driver; D:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-04-19 186552]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 usbvideo;Zobrazovací zařízení USB (WDM); D:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
R3 Wdf01000;Wdf01000; D:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; D:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
S1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S2 DgiVecp;DgiVecp; \??\D:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 SSPORT;SSPORT; \??\D:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; D:\WINDOWS\system32\DRIVERS\btport.sys [2006-06-07 30459]
S3 BTWDNDIS;Bluetooth LAN Access Server; D:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-06-07 149028]
S3 btwhid;btwhid; D:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-06-07 47811]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; D:\WINDOWS\System32\Drivers\btwusb.sys [2006-06-07 67384]
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 ipw_bus;IPWireless; D:\WINDOWS\system32\DRIVERS\ipw_bus.sys []
S3 ipw_mdfl;Wireless Broadband Modem Filter; D:\WINDOWS\system32\DRIVERS\ipw_mdfl.sys []
S3 ipw_mdm;Wireless Broadband Modem (WDM); D:\WINDOWS\system32\DRIVERS\ipw_mdm.sys []
S3 IpwP;IPWireless 3G Network Adapter; D:\WINDOWS\system32\DRIVERS\ipw3gnet.sys [2008-10-10 51040]
S3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nmwcd;Nokia USB Phone Parent; D:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 sffdisk;Ovladač třídy úložiště SFF; D:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-03 11136]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; D:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-03 10240]
S3 SkLaggProtocol;Marvell Link Aggregation Protocol (LAGG) Support; D:\WINDOWS\system32\DRIVERS\yk51lagg.sys []
S3 SkVlanProtocol;Marvell Virtual LAN (VLAN) Support; D:\WINDOWS\system32\DRIVERS\skvlan.sys [2006-05-17 19328]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); D:\WINDOWS\system32\DRIVERS\snp2uvc.sys []
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; D:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Ekahau Configuration Service; D:\WINDOWS\system32\acs.exe [2006-04-19 36864]
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 btwdins;Bluetooth Service; D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-06-07 266295]
R2 ICQ Service;ICQ Service; D:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2008-12-12 152984]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); D:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 Samsung Network Fax Server;Samsung Network Fax Server; D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe [2009-09-11 162304]
R2 UMWdf;Windows User Mode Driver Framework; D:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 gupdate1c996bee849d438;Služba Google Update (gupdate1c996bee849d438); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-24 133104]
S2 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 Adobe LM Service;Adobe LM Service; D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-02-08 72704]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
S3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gupdatem;Služba Google Update (gupdatem); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-24 133104]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-20 262144]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Ekahau Configuration Service; D:\WINDOWS\system32\acs.exe [2006-04-19 36864]
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 btwdins;Bluetooth Service; D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-06-07 266295]
R2 ICQ Service;ICQ Service; D:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2008-12-12 152984]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); D:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 Samsung Network Fax Server;Samsung Network Fax Server; D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe [2009-09-11 162304]
R2 UMWdf;Windows User Mode Driver Framework; D:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 gupdate1c996bee849d438;Služba Google Update (gupdate1c996bee849d438); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-24 133104]
S2 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 Adobe LM Service;Adobe LM Service; D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-02-08 72704]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
S3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gupdatem;Služba Google Update (gupdatem); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-24 133104]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-20 262144]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
Re: Log check
Hello, I wish you a pleasant morning and welcome you to our forum.
Download CKScanner to your desktop
Download OTL (see my signature) and save it to your desktop

- Run it and click Search for files
- When the scan finishes, click Save List to File and then OK
- A log named ckfiles.txt will be created on your desktop; paste its contents here for me

- If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
- If you use a 64-bit OS, check whether the Pro 64 bitové OS (For 64-bit OS) box is ticked; if not, tick it
- Tick the Pro vsechny uzivatele (Scan All Users) box
- Tick the Kontrola na havet "LOP" (LOP Check) box
- Tick the Kontrola na havet "Purity" (Purity Check) box
- Change the file age (Stari souboru) from 30 days to 7 days
- Paste the script below into the bottom box, Vlastni skenovani/opravy (Custom Scans/Fixes)
netsvcs drivers32 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s c:\windows\*.* /U %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s /md5start adp3132.sys AGP440.sys ahcix86.sys ahcix86s.sys atapi.sys autochk.exe cdrom.sys cngaudit.dll cryptsvc.dll eNetHook.dll eventlog.dll explorer.exe hal.dll Changer.sys iaStor.sys iastorv.sys IdeChnDr.sys isapnp.sys JakNDis.sys KR10N.sys logevent.dll lsass.exe mv61xx.sys ndis.sys netlogon.dll ntelogon.dll nvata.sys nvatabus.sys nvgts.sys nvraid.sys nvrd32.sys nvstor.sys nvstor32.sys scecli.dll sceclt.dll smss.exe svchost.exe symmpi.sys tcpip.sys userinit.exe vaxscsi.sys viamraid.sys viasraid.sys ViPrt.sys winlogon.exe ws2_32.dll /md5stop %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 CREATERESTOREPOINT
- Click the Prohledat (Run Scan) button
- When the scan finishes (about 10 to 15 minutes), the logs OTL.txt and Extras.txt will appear; paste both of them here
Re: Log check
CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11.VEAPHJ
----- EOF -----
OTL.TXT
OTL logfile created on: 9.7.2011 10:38:08 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Documents and Settings\Maca\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1014,36 Mb Total Physical Memory | 311,89 Mb Available Physical Memory | 30,75% Memory free
2,38 Gb Paging File | 1,70 Gb Available in Paging File | 71,11% Paging File free
Paging file location(s): D:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 111,78 Gb Total Space | 54,72 Gb Free Space | 48,95% Space Free | Partition Type: NTFS
Drive D: | 37,25 Gb Total Space | 12,94 Gb Free Space | 34,75% Space Free | Partition Type: NTFS
Computer Name: MARCELA | User Name: Maca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.07.09 10:34:04 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Maca\Plocha\OTL.exe
PRC - [2011.04.10 22:16:09 | 000,119,608 | ---- | M] (ICQ, LLC.) -- D:\Program Files\ICQ7.4\ICQ.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- D:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.09.11 15:02:26 | 000,162,304 | ---- | M] () -- D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe
PRC - [2009.09.10 16:39:45 | 001,968,640 | ---- | M] () -- D:\WINDOWS\twain_32\Samsung\SCX4623\Scan2Pc.exe
PRC - [2009.08.17 18:07:23 | 000,081,000 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.08.17 18:07:17 | 000,138,680 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.08.17 17:58:55 | 000,018,752 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.08.14 12:03:06 | 000,614,400 | ---- | M] () -- D:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008.10.07 17:18:48 | 001,495,072 | ---- | M] (Gemfor s.r.o.) -- D:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2007.05.11 03:06:00 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- D:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2007.05.04 02:33:22 | 002,629,632 | ---- | M] (http://www.pbus-167.com) -- D:\Program Files\Notebook Hardware Control\nhc.exe
PRC - [2007.04.20 11:33:48 | 001,187,840 | ---- | M] (BenQ Corp.) -- D:\Program Files\BenQ\BenQ Surround\BenQSurround.exe
PRC - [2006.06.07 17:05:38 | 000,553,021 | ---- | M] (Broadcom Corporation.) -- D:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
========== Modules (SafeList) ==========
MOD - [2011.07.09 10:34:04 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Maca\Plocha\OTL.exe
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006.06.07 17:07:04 | 000,053,248 | ---- | M] () -- D:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (wuauserv)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- D:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.09.11 15:02:26 | 000,162,304 | ---- | M] () [Auto | Running] -- D:\WINDOWS\System32\spool\drivers\w32x86\3\NetFaxServer.exe -- (Samsung Network Fax Server)
SRV - [2009.08.17 18:07:17 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.08.17 18:07:01 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.08.17 18:04:21 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.08.17 17:58:55 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2006.04.19 13:35:22 | 000,036,864 | ---- | M] () [Auto | Stopped] -- D:\WINDOWS\system32\acs.exe -- (ACS)
========== Driver Services (SafeList) ==========
DRV - [2011.07.07 16:36:14 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nhcDriver.sys -- (nhcDriverDevice)
DRV - [2009.08.17 18:06:43 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.08.17 18:05:52 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.08.17 18:05:37 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.08.17 18:04:40 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.08.17 18:04:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- D:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.08.17 18:03:21 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.02.11 03:48:20 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- D:\WINDOWS\system32\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2008.10.10 10:10:26 | 000,051,040 | R--- | M] (IPWireless Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ipw3gnet.sys -- (IpwP)
DRV - [2008.05.02 11:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.04.05 15:05:48 | 001,270,540 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007.07.10 09:56:34 | 004,449,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.01.20 00:02:16 | 000,011,520 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\QBIOSIo.dll -- (QBIOSIo)
DRV - [2006.11.22 08:01:00 | 000,250,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006.10.20 13:26:52 | 000,478,432 | ---- | M] (Ekahau Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2006.09.08 17:01:20 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.06.07 22:06:58 | 000,329,901 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006.06.07 16:33:34 | 000,855,018 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\btkrnl.sys -- (btkrnl)
DRV - [2006.06.07 16:29:10 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006.06.07 16:28:20 | 000,149,028 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006.06.07 16:26:52 | 000,067,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006.06.07 16:23:20 | 000,047,811 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006.05.17 01:15:00 | 000,019,328 | ---- | M] (SysKonnect) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\skvlan.sys -- (SkVlanProtocol) Marvell Virtual LAN (VLAN)
DRV - [2005.11.16 20:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005.11.01 18:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search..."
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://vshare.toolbarhome.com/?hp=df"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: D:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010.10.04 21:58:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010.10.04 21:58:29 | 000,000,000 | ---D | M]
[2009.03.28 19:38:24 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Extensions
[2011.05.03 22:47:57 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions
[2011.04.10 22:16:57 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.01.25 10:41:14 | 000,000,000 | ---D | M] (vShare) -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar
[2011.04.28 16:18:56 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-1.xml
[2010.04.05 13:18:59 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-10.xml
[2010.10.25 21:25:16 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-11.xml
[2008.10.10 18:29:02 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-2.xml
[2008.11.22 21:33:17 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-3.xml
[2009.01.03 15:08:31 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-4.xml
[2009.03.29 10:47:41 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-5.xml
[2009.04.12 10:08:11 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-6.xml
[2009.05.01 20:22:46 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-7.xml
[2009.05.10 21:35:44 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-8.xml
[2009.08.12 18:28:00 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-9.xml
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin.xml
[2011.04.28 16:09:28 | 000,001,583 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\web-search.xml
[2011.05.03 22:57:48 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2009.03.21 10:04:33 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- D:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) -- D:\DOCUMENTS AND SETTINGS\MACA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\WI28R37Z.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- D:\DOCUMENTS AND SETTINGS\MACA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\WI28R37Z.DEFAULT\EXTENSIONS\VSHARE@TOOLBAR
[2008.12.12 18:03:04 | 000,000,000 | ---D | M] (Java Quick Starter) -- D:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2008.03.24 20:21:00 | 002,889,088 | ---- | M] () -- D:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2010.03.21 15:00:24 | 000,000,638 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.03.21 15:00:24 | 000,001,687 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2010.03.21 15:00:24 | 000,001,367 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.03.21 15:00:24 | 000,000,654 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.03.21 15:00:24 | 000,001,179 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.07.09 10:18:10 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - D:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [4623 Scan2PC] D:\WINDOWS\Twain_32\Samsung\SCX4623\Scan2pc.exe ()
O4 - HKLM..\Run: [ACU] D:\Program Files\Ekahau\Ekahau Wireless Utility\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BenQSurround] D:\Program Files\BenQ\BenQ Surround\BenQSurround.exe (BenQ Corp.)
O4 - HKLM..\Run: [LanguageShortcut] D:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NotebookHardwareControl] D:\Program Files\Notebook Hardware Control\nhc.exe (http://www.pbus-167.com)
O4 - HKLM..\Run: [Q-HotkeyMgr] D:\Program Files\BenQ\Q-HotkeyMgr\HotkeySensor.exe (BenQ Corp.)
O4 - HKLM..\Run: [Samsung PanelMgr] D:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003..\Run: [ICQ] D:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003..\Run: [T-Mobile Communication Centre] D:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
O4 - Startup: D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = D:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: D:\Documents and Settings\Maca\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 7934784652 (WUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20 192.168.18.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Maca\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Maca\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.11 18:45:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - File not found
Drivers32: msacm.iac2 - D:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - D:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - D:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - D:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - D:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - D:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - D:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - D:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 7 Days ==========
[2011.07.09 10:34:01 | 000,579,584 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Maca\Plocha\OTL.exe
[2011.07.09 10:08:33 | 000,518,144 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWREG.exe
[2011.07.09 10:08:33 | 000,406,528 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWSC.exe
[2011.07.09 10:08:33 | 000,212,480 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWXCACLS.exe
[2011.07.09 10:08:33 | 000,060,416 | ---- | C] (NirSoft) -- D:\WINDOWS\NIRCMD.exe
[2011.07.09 10:08:23 | 000,000,000 | ---D | C] -- D:\Qoobox
[2011.07.09 10:08:22 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Maca\Nabídka Start\Programy\Nástroje pro správu
[2011.07.09 10:06:32 | 004,137,062 | R--- | C] (Swearware) -- D:\Documents and Settings\Maca\Plocha\ComboFix.exe
[2011.07.09 04:06:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Google Earth
[2011.07.07 16:36:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Maca\Nabídka Start\Programy\CyberLink PowerDVD
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.07.09 10:34:04 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Maca\Plocha\OTL.exe
[2011.07.09 10:33:27 | 000,459,264 | ---- | M] () -- D:\Documents and Settings\Maca\Plocha\CKScanner.exe
[2011.07.09 10:18:10 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2011.07.09 10:06:44 | 004,137,062 | R--- | M] (Swearware) -- D:\Documents and Settings\Maca\Plocha\ComboFix.exe
[2011.07.09 10:06:18 | 001,008,041 | ---- | M] () -- D:\Documents and Settings\Maca\Plocha\rkill.com
[2011.07.09 10:04:00 | 000,000,940 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.09 09:43:55 | 000,781,383 | ---- | M] () -- D:\Documents and Settings\Maca\Plocha\RSIT.exe
[2011.07.09 04:06:22 | 000,001,915 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2011.07.08 18:22:31 | 000,000,960 | ---- | M] () -- D:\WINDOWS\tasks\Google Software Updater.job
[2011.07.08 15:04:00 | 000,000,936 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.07 16:36:14 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) -- D:\WINDOWS\System32\drivers\nhcDriver.sys
[2011.07.07 16:36:10 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2011.07.07 16:36:08 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.07.09 10:33:26 | 000,459,264 | ---- | C] () -- D:\Documents and Settings\Maca\Plocha\CKScanner.exe
[2011.07.09 10:08:33 | 000,256,000 | ---- | C] () -- D:\WINDOWS\PEV.exe
[2011.07.09 10:08:33 | 000,208,896 | ---- | C] () -- D:\WINDOWS\MBR.exe
[2011.07.09 10:08:33 | 000,098,816 | ---- | C] () -- D:\WINDOWS\sed.exe
[2011.07.09 10:08:33 | 000,080,412 | ---- | C] () -- D:\WINDOWS\grep.exe
[2011.07.09 10:08:33 | 000,068,096 | ---- | C] () -- D:\WINDOWS\zip.exe
[2011.07.09 10:06:11 | 001,008,041 | ---- | C] () -- D:\Documents and Settings\Maca\Plocha\rkill.com
[2011.07.09 09:43:53 | 000,781,383 | ---- | C] () -- D:\Documents and Settings\Maca\Plocha\RSIT.exe
[2011.07.09 04:06:22 | 000,001,915 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2010.10.25 21:56:28 | 000,171,520 | R--- | C] () -- D:\WINDOWS\System32\NetFaxPort.dll
[2010.10.25 21:56:22 | 000,184,320 | ---- | C] () -- D:\WINDOWS\System32\SecSNMP.dll
[2010.10.25 21:56:00 | 000,011,237 | ---- | C] () -- D:\Documents and Settings\Maca\Data aplikací\SmarThruOptions.xml
[2010.10.25 21:55:32 | 000,000,124 | ---- | C] () -- D:\WINDOWS\Readiris.ini
[2010.10.25 21:55:29 | 000,023,040 | ---- | C] () -- D:\WINDOWS\System32\irisco32.dll
[2010.10.25 21:54:08 | 000,482,408 | ---- | C] () -- D:\WINDOWS\ssndii.exe
[2010.10.25 21:54:03 | 000,113,768 | ---- | C] () -- D:\WINDOWS\Wiainst.exe
[2010.10.25 21:53:24 | 000,026,624 | ---- | C] () -- D:\WINDOWS\System32\sso2ml3.dll
[2010.10.25 21:51:19 | 000,191,488 | ---- | C] () -- D:\WINDOWS\System32\SaXPWIA.dll
[2010.10.25 21:51:19 | 000,140,288 | ---- | C] () -- D:\WINDOWS\System32\SaXPEH.dll
[2010.10.25 21:51:19 | 000,138,240 | ---- | C] () -- D:\WINDOWS\System32\SaXPUIEx.dll
[2010.10.25 21:51:19 | 000,117,248 | ---- | C] () -- D:\WINDOWS\System32\SaXPIPH.dll
[2010.10.25 21:51:19 | 000,088,064 | ---- | C] () -- D:\WINDOWS\System32\SaXPSTI.dll
[2010.02.21 10:40:59 | 000,000,056 | -H-- | C] () -- D:\WINDOWS\System32\ezsidmv.dat
[2008.12.16 19:34:31 | 000,001,818 | ---- | C] () -- D:\WINDOWS\wincmd.ini
[2008.05.05 21:37:07 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2008.05.05 21:37:05 | 000,052,736 | ---- | C] () -- D:\Documents and Settings\Maca\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.04.19 19:11:46 | 000,001,160 | ---- | C] () -- D:\WINDOWS\mozver.dat
[2008.04.13 12:28:21 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2008.04.11 23:32:42 | 000,000,032 | ---- | C] () -- D:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.04.11 22:28:38 | 000,000,390 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2008.04.11 20:35:14 | 000,004,249 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2008.04.11 20:34:07 | 000,133,280 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2008.04.11 20:27:58 | 000,011,520 | ---- | C] () -- D:\WINDOWS\System32\QBIOSIo.dll
[2008.04.11 20:27:58 | 000,009,121 | ---- | C] () -- D:\WINDOWS\System32\Modelversion.ini
[2008.04.11 20:22:04 | 001,060,424 | ---- | C] () -- D:\WINDOWS\System32\WdfCoInstaller01000.dll
[2008.04.11 19:12:20 | 000,036,864 | ---- | C] () -- D:\WINDOWS\System32\acs.exe
[2008.04.11 19:12:12 | 000,315,392 | ---- | C] () -- D:\WINDOWS\System32\AegisI5.exe
[2008.04.11 19:09:14 | 000,049,152 | ---- | C] () -- D:\WINDOWS\System32\ChCfg.exe
[2008.04.11 19:03:11 | 000,016,480 | ---- | C] () -- D:\WINDOWS\System32\rixdicon.dll
[2008.04.11 18:56:37 | 000,701,840 | ---- | C] () -- D:\WINDOWS\System32\igmedkrn.dll
[2008.04.11 18:56:37 | 000,204,800 | ---- | C] () -- D:\WINDOWS\System32\igfxCoIn_v4785.dll
[2008.04.11 18:47:44 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2008.04.11 18:42:04 | 000,021,812 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2006.06.07 16:52:08 | 000,090,112 | ---- | C] () -- D:\WINDOWS\System32\btprn2k.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- D:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- D:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,778,240 | ---- | C] () -- D:\WINDOWS\System32\DivXsm.exe
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- D:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- D:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- D:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- D:\WINDOWS\System32\ogg.dll
[2004.08.17 15:58:58 | 000,001,788 | ---- | C] () -- D:\WINDOWS\System32\Dcache.bin
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- D:\WINDOWS\System32\lcppn21.dll
[2001.10.25 16:00:00 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2001.10.25 16:00:00 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2001.10.25 16:00:00 | 000,397,560 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2001.10.25 16:00:00 | 000,394,788 | ---- | C] () -- D:\WINDOWS\System32\perfh005.dat
[2001.10.25 16:00:00 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2001.10.25 16:00:00 | 000,269,162 | ---- | C] () -- D:\WINDOWS\System32\perfi005.dat
[2001.10.25 16:00:00 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2001.10.25 16:00:00 | 000,070,376 | ---- | C] () -- D:\WINDOWS\System32\perfc005.dat
[2001.10.25 16:00:00 | 000,059,780 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2001.10.25 16:00:00 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2001.10.25 16:00:00 | 000,032,072 | ---- | C] () -- D:\WINDOWS\System32\perfd005.dat
[2001.10.25 16:00:00 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2001.10.25 16:00:00 | 000,004,463 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2001.10.25 16:00:00 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2011.04.10 22:16:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.04.06 21:47:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Data aplikací\Softland
[2009.06.16 20:09:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\GARMIN
[2011.07.07 16:36:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ICQ
[2008.04.11 22:05:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ICQ Toolbar
[2008.04.13 21:35:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ICQLite
[2011.01.25 10:41:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\vShare
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"swg" = "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.02.24 22:31:09 | 000,039,408 | ---- | M] (Google Inc.)
"T-Mobile Communication Centre" = "D:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun -- [2008.10.07 17:18:48 | 001,495,072 | ---- | M] (Gemfor s.r.o.)
"Skype" = "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2010.12.03 17:46:34 | 014,944,136 | R--- | M] (Skype Technologies S.A.)
"ICQ" = "D:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4 -- [2011.04.10 22:16:09 | 000,119,608 | ---- | M] (ICQ, LLC.)
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.02.08 14:13:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Adobe
[2008.05.18 11:08:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Ahead
[2008.04.19 18:06:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Apple Computer
[2008.04.11 23:40:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ArcSoft
[2009.01.09 22:20:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\CyberLink
[2009.06.16 20:09:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\GARMIN
[2010.01.27 11:03:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Google
[2011.07.07 16:36:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ICQ
[2008.04.11 22:05:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ICQ Toolbar
[2008.04.13 21:35:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ICQLite
[2008.04.11 18:50:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Identities
[2010.10.25 21:56:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\InstallShield
[2008.04.11 20:51:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Macromedia
[2009.03.30 23:23:07 | 000,000,000 | --SD | M] -- D:\Documents and Settings\Maca\Data aplikací\Microsoft
[2009.03.28 19:38:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Mozilla
[2011.07.09 10:36:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Skype
[2011.07.09 08:06:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\skypePM
[2008.12.12 18:02:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Sun
[2011.01.25 10:41:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\vShare
[2009.10.15 08:59:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Winamp
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.04.11 20:32:55 | 000,094,208 | ---- | M] () -- D:\WINDOWS\System32\config\default.sav
[2008.04.11 20:32:55 | 000,663,552 | ---- | M] () -- D:\WINDOWS\System32\config\software.sav
[2008.04.11 20:32:55 | 000,487,424 | ---- | M] () -- D:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
[2011.07.07 16:36:14 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) -- D:\WINDOWS\system32\drivers\nhcDriver.sys
< %systemroot%\system32\*.* /3 >
[2011.07.07 16:36:10 | 000,002,206 | ---- | M] () -- D:\WINDOWS\system32\wpa.dbl
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< End of report >
EXTRAS.TXT
OTL Extras logfile created on: 9.7.2011 10:38:08 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Documents and Settings\Maca\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1014,36 Mb Total Physical Memory | 311,89 Mb Available Physical Memory | 30,75% Memory free
2,38 Gb Paging File | 1,70 Gb Available in Paging File | 71,11% Paging File free
Paging file location(s): D:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 111,78 Gb Total Space | 54,72 Gb Free Space | 48,95% Space Free | Partition Type: NTFS
Drive D: | 37,25 Gb Total Space | 12,94 Gb Free Space | 34,75% Space Free | Partition Type: NTFS
Computer Name: MARCELA | User Name: Maca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Program Files\ICQ7.4\ICQ.exe" = D:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = D:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"D:\Program Files\WIP Miranda IM 1.7\miranda32.exe" = D:\Program Files\WIP Miranda IM 1.7\miranda32.exe:*:Enabled:Miranda IM -- ( )
"D:\Program Files\WIP Miranda IM 1.7.3\miranda32.exe" = D:\Program Files\WIP Miranda IM 1.7.3\miranda32.exe:*:Enabled:Miranda IM -- ( )
"D:\WINDOWS\twain_32\Samsung\ScanMgr.exe" = D:\WINDOWS\twain_32\Samsung\ScanMgr.exe:*:Enabled:Scan Manger -- (Samsung Electronics)
"D:\WINDOWS\twain_32\Samsung\SCX4623\Scan2Pc.exe" = D:\WINDOWS\twain_32\Samsung\SCX4623\Scan2Pc.exe:*:Enabled:ScanToPC -- ()
"D:\WINDOWS\twain_32\Samsung\SCX4623\Sscan2io.exe" = D:\WINDOWS\twain_32\Samsung\SCX4623\Sscan2io.exe:*:Enabled:SScanToIO -- ()
"D:\Program Files\ICQ7.4\ICQ.exe" = D:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
"D:\Program Files\BitLord2\BitLord.exe" = D:\Program Files\BitLord2\BitLord.exe:*:Enabled:Bitlord2 -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BBBA9F0-3895-4F70-9110-747B82BE3F51}" = Marvell CPA
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Ekahau Wireless Utility
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{487A2763-CCCE-4F9E-9214-767F4FFF9F5C}" = Q-HotkeyMgr
"{6569F177-7DD7-4B94-B5E4-07ADC0E3379A}" = QMobilityTuner
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{729250B9-1E9E-44D0-96F3-128691D3BF5F}" = ArcSoft WebCam Companion 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{80078570-6C67-486C-8CF0-B0D778FC69B5}" = Samsung Network PC Fax
"{851E2A14-C07E-4507-8B1A-A04C4D571029}" = Nero 7 Essentials
"{89E13B5A-A616-4AEE-8D72-521B37D9A258}" = BenQ Surround
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}" = Kontrola české gramatiky pro sadu Microsoft Office 2003
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BE38545B-08F7-4f80-95AE-752B99BF159C}" = Web'n'walk 4G software
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"7-Zip" = 7-Zip 4.57
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"avast!" = avast! Antivirus
"BitLord_is1" = BitLord v2.0
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner (remove only)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"doPDF 6 printer_is1" = doPDF 6.3 printer
"DVD Shrink_is1" = DVD Shrink 3.2
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Notebook Hardware Control" = Notebook Hardware Control 2.0 Pre-Release-06
"rajče.net_is1" = rajče beta50
"Samsung SCX-4623 Series" = Údržba Samsung SCX-4623 Series
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T-Mobile Communication Centre" = Web'n'walk Manager
"Totalcmd" = Total Commander (Remove or Repair)
"Vícejazyčný překladový slovník_is1" = Vícejazyčný překladový slovník 1.1
"VMidi" = vanBasco's Karaoke Player
"vShare" = vShare Plugin
"Wdf01000" = Microsoft Kernel-Mode Driver Framework 1.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WIP Miranda IM 1.7.3_is1" = WIP Miranda IM 1.7.3
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 28.12.2008 15:01:37 | Computer Name = MARCELA | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://jizdnirady.idnes.cz/ScriptResour ... 0853437500
failed, 0000A413.
Error - 19.4.2009 5:15:53 | Computer Name = MARCELA | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\Program Files\Nero\Nero 7\Nero Home\Skins\Horizon Sphere\Graphics\Backgrounds\Sand.jpg
failed, 0000001E.
Error - 10.9.2009 14:12:44 | Computer Name = MARCELA | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\Program Files\Nero\Nero 7\Nero Home\Skins\Horizon Sphere\Graphics\Backgrounds\Sand.jpg
failed, 0000001E.
Error - 19.11.2009 11:20:54 | Computer Name = MARCELA | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.youtube.com/get_video_info?& ... ySKA&hl=cs
failed, 0000A413.
Error - 26.4.2010 1:39:18 | Computer Name = MARCELA | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\Documents and Settings\Maca\Data aplikací\Macromedia\Flash Player\#SharedObjects\B564QLJ7\oddcast.com\##1EF58CAB8DED656C\00000001.sxx
failed, 00000005.
[ Application Events ]
Error - 26.6.2011 6:08:45 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 26.6.2011 16:25:45 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 27.6.2011 1:42:32 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 28.6.2011 2:03:00 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 29.6.2011 8:06:32 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 30.6.2011 11:52:29 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 1.7.2011 0:34:07 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 4.7.2011 4:19:58 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 6.7.2011 10:19:48 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 7.7.2011 10:36:19 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
[ System Events ]
Error - 9.7.2011 5:05:26 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:05:31 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:05:37 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:05:42 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:05:47 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:05:52 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:05:58 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:06:03 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:06:09 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:06:15 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
< End of report >
scanner sequence 3.MN.11.VEAPHJ
----- EOF -----
OTL.TXT
OTL logfile created on: 9.7.2011 10:38:08 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Documents and Settings\Maca\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1014,36 Mb Total Physical Memory | 311,89 Mb Available Physical Memory | 30,75% Memory free
2,38 Gb Paging File | 1,70 Gb Available in Paging File | 71,11% Paging File free
Paging file location(s): D:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 111,78 Gb Total Space | 54,72 Gb Free Space | 48,95% Space Free | Partition Type: NTFS
Drive D: | 37,25 Gb Total Space | 12,94 Gb Free Space | 34,75% Space Free | Partition Type: NTFS
Computer Name: MARCELA | User Name: Maca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.07.09 10:34:04 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Maca\Plocha\OTL.exe
PRC - [2011.04.10 22:16:09 | 000,119,608 | ---- | M] (ICQ, LLC.) -- D:\Program Files\ICQ7.4\ICQ.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- D:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.09.11 15:02:26 | 000,162,304 | ---- | M] () -- D:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe
PRC - [2009.09.10 16:39:45 | 001,968,640 | ---- | M] () -- D:\WINDOWS\twain_32\Samsung\SCX4623\Scan2Pc.exe
PRC - [2009.08.17 18:07:23 | 000,081,000 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.08.17 18:07:17 | 000,138,680 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.08.17 17:58:55 | 000,018,752 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.08.14 12:03:06 | 000,614,400 | ---- | M] () -- D:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008.10.07 17:18:48 | 001,495,072 | ---- | M] (Gemfor s.r.o.) -- D:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2007.05.11 03:06:00 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- D:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2007.05.04 02:33:22 | 002,629,632 | ---- | M] (http://www.pbus-167.com) -- D:\Program Files\Notebook Hardware Control\nhc.exe
PRC - [2007.04.20 11:33:48 | 001,187,840 | ---- | M] (BenQ Corp.) -- D:\Program Files\BenQ\BenQ Surround\BenQSurround.exe
PRC - [2006.06.07 17:05:38 | 000,553,021 | ---- | M] (Broadcom Corporation.) -- D:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
========== Modules (SafeList) ==========
MOD - [2011.07.09 10:34:04 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Maca\Plocha\OTL.exe
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006.06.07 17:07:04 | 000,053,248 | ---- | M] () -- D:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (wuauserv)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- D:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.09.11 15:02:26 | 000,162,304 | ---- | M] () [Auto | Running] -- D:\WINDOWS\System32\spool\drivers\w32x86\3\NetFaxServer.exe -- (Samsung Network Fax Server)
SRV - [2009.08.17 18:07:17 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.08.17 18:07:01 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.08.17 18:04:21 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.08.17 17:58:55 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2006.04.19 13:35:22 | 000,036,864 | ---- | M] () [Auto | Stopped] -- D:\WINDOWS\system32\acs.exe -- (ACS)
========== Driver Services (SafeList) ==========
DRV - [2011.07.07 16:36:14 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\nhcDriver.sys -- (nhcDriverDevice)
DRV - [2009.08.17 18:06:43 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.08.17 18:05:52 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.08.17 18:05:37 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.08.17 18:04:40 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.08.17 18:04:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- D:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.08.17 18:03:21 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.02.11 03:48:20 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- D:\WINDOWS\system32\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2008.10.10 10:10:26 | 000,051,040 | R--- | M] (IPWireless Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ipw3gnet.sys -- (IpwP)
DRV - [2008.05.02 11:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.04.05 15:05:48 | 001,270,540 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007.07.10 09:56:34 | 004,449,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.01.20 00:02:16 | 000,011,520 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\QBIOSIo.dll -- (QBIOSIo)
DRV - [2006.11.22 08:01:00 | 000,250,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006.10.20 13:26:52 | 000,478,432 | ---- | M] (Ekahau Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2006.09.08 17:01:20 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.06.07 22:06:58 | 000,329,901 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006.06.07 16:33:34 | 000,855,018 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\btkrnl.sys -- (btkrnl)
DRV - [2006.06.07 16:29:10 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006.06.07 16:28:20 | 000,149,028 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006.06.07 16:26:52 | 000,067,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006.06.07 16:23:20 | 000,047,811 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006.05.17 01:15:00 | 000,019,328 | ---- | M] (SysKonnect) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\skvlan.sys -- (SkVlanProtocol) Marvell Virtual LAN (VLAN)
DRV - [2005.11.16 20:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005.11.01 18:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search..."
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://vshare.toolbarhome.com/?hp=df"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: D:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010.10.04 21:58:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010.10.04 21:58:29 | 000,000,000 | ---D | M]
[2009.03.28 19:38:24 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Extensions
[2011.05.03 22:47:57 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions
[2011.04.10 22:16:57 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.01.25 10:41:14 | 000,000,000 | ---D | M] (vShare) -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar
[2011.04.28 16:18:56 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-1.xml
[2010.04.05 13:18:59 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-10.xml
[2010.10.25 21:25:16 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-11.xml
[2008.10.10 18:29:02 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-2.xml
[2008.11.22 21:33:17 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-3.xml
[2009.01.03 15:08:31 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-4.xml
[2009.03.29 10:47:41 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-5.xml
[2009.04.12 10:08:11 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-6.xml
[2009.05.01 20:22:46 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-7.xml
[2009.05.10 21:35:44 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-8.xml
[2009.08.12 18:28:00 | 000,000,950 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin-9.xml
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\icqplugin.xml
[2011.04.28 16:09:28 | 000,001,583 | ---- | M] () -- D:\Documents and Settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\searchplugins\web-search.xml
[2011.05.03 22:57:48 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2009.03.21 10:04:33 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- D:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) -- D:\DOCUMENTS AND SETTINGS\MACA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\WI28R37Z.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- D:\DOCUMENTS AND SETTINGS\MACA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\WI28R37Z.DEFAULT\EXTENSIONS\VSHARE@TOOLBAR
[2008.12.12 18:03:04 | 000,000,000 | ---D | M] (Java Quick Starter) -- D:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2008.03.24 20:21:00 | 002,889,088 | ---- | M] () -- D:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2010.03.21 15:00:24 | 000,000,638 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.03.21 15:00:24 | 000,001,687 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2010.03.21 15:00:24 | 000,001,367 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.03.21 15:00:24 | 000,000,654 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.03.21 15:00:24 | 000,001,179 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.07.09 10:18:10 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - D:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\1104102216\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [4623 Scan2PC] D:\WINDOWS\Twain_32\Samsung\SCX4623\Scan2pc.exe ()
O4 - HKLM..\Run: [ACU] D:\Program Files\Ekahau\Ekahau Wireless Utility\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BenQSurround] D:\Program Files\BenQ\BenQ Surround\BenQSurround.exe (BenQ Corp.)
O4 - HKLM..\Run: [LanguageShortcut] D:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NotebookHardwareControl] D:\Program Files\Notebook Hardware Control\nhc.exe (http://www.pbus-167.com)
O4 - HKLM..\Run: [Q-HotkeyMgr] D:\Program Files\BenQ\Q-HotkeyMgr\HotkeySensor.exe (BenQ Corp.)
O4 - HKLM..\Run: [Samsung PanelMgr] D:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003..\Run: [ICQ] D:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003..\Run: [T-Mobile Communication Centre] D:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
O4 - Startup: D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = D:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: D:\Documents and Settings\Maca\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1801674531-1336601894-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 7934784652 (WUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20 192.168.18.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Maca\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Maca\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.11 18:45:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - File not found
Drivers32: msacm.iac2 - D:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - D:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - D:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - D:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - D:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - D:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - D:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - D:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 7 Days ==========
[2011.07.09 10:34:01 | 000,579,584 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Maca\Plocha\OTL.exe
[2011.07.09 10:08:33 | 000,518,144 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWREG.exe
[2011.07.09 10:08:33 | 000,406,528 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWSC.exe
[2011.07.09 10:08:33 | 000,212,480 | ---- | C] (SteelWerX) -- D:\WINDOWS\SWXCACLS.exe
[2011.07.09 10:08:33 | 000,060,416 | ---- | C] (NirSoft) -- D:\WINDOWS\NIRCMD.exe
[2011.07.09 10:08:23 | 000,000,000 | ---D | C] -- D:\Qoobox
[2011.07.09 10:08:22 | 000,000,000 | R--D | C] -- D:\Documents and Settings\Maca\Nabídka Start\Programy\Nástroje pro správu
[2011.07.09 10:06:32 | 004,137,062 | R--- | C] (Swearware) -- D:\Documents and Settings\Maca\Plocha\ComboFix.exe
[2011.07.09 04:06:22 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Nabídka Start\Programy\Google Earth
[2011.07.07 16:36:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Maca\Nabídka Start\Programy\CyberLink PowerDVD
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.07.09 10:34:04 | 000,579,584 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Maca\Plocha\OTL.exe
[2011.07.09 10:33:27 | 000,459,264 | ---- | M] () -- D:\Documents and Settings\Maca\Plocha\CKScanner.exe
[2011.07.09 10:18:10 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2011.07.09 10:06:44 | 004,137,062 | R--- | M] (Swearware) -- D:\Documents and Settings\Maca\Plocha\ComboFix.exe
[2011.07.09 10:06:18 | 001,008,041 | ---- | M] () -- D:\Documents and Settings\Maca\Plocha\rkill.com
[2011.07.09 10:04:00 | 000,000,940 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.09 09:43:55 | 000,781,383 | ---- | M] () -- D:\Documents and Settings\Maca\Plocha\RSIT.exe
[2011.07.09 04:06:22 | 000,001,915 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2011.07.08 18:22:31 | 000,000,960 | ---- | M] () -- D:\WINDOWS\tasks\Google Software Updater.job
[2011.07.08 15:04:00 | 000,000,936 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.07 16:36:14 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) -- D:\WINDOWS\System32\drivers\nhcDriver.sys
[2011.07.07 16:36:10 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2011.07.07 16:36:08 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.07.09 10:33:26 | 000,459,264 | ---- | C] () -- D:\Documents and Settings\Maca\Plocha\CKScanner.exe
[2011.07.09 10:08:33 | 000,256,000 | ---- | C] () -- D:\WINDOWS\PEV.exe
[2011.07.09 10:08:33 | 000,208,896 | ---- | C] () -- D:\WINDOWS\MBR.exe
[2011.07.09 10:08:33 | 000,098,816 | ---- | C] () -- D:\WINDOWS\sed.exe
[2011.07.09 10:08:33 | 000,080,412 | ---- | C] () -- D:\WINDOWS\grep.exe
[2011.07.09 10:08:33 | 000,068,096 | ---- | C] () -- D:\WINDOWS\zip.exe
[2011.07.09 10:06:11 | 001,008,041 | ---- | C] () -- D:\Documents and Settings\Maca\Plocha\rkill.com
[2011.07.09 09:43:53 | 000,781,383 | ---- | C] () -- D:\Documents and Settings\Maca\Plocha\RSIT.exe
[2011.07.09 04:06:22 | 000,001,915 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2010.10.25 21:56:28 | 000,171,520 | R--- | C] () -- D:\WINDOWS\System32\NetFaxPort.dll
[2010.10.25 21:56:22 | 000,184,320 | ---- | C] () -- D:\WINDOWS\System32\SecSNMP.dll
[2010.10.25 21:56:00 | 000,011,237 | ---- | C] () -- D:\Documents and Settings\Maca\Data aplikací\SmarThruOptions.xml
[2010.10.25 21:55:32 | 000,000,124 | ---- | C] () -- D:\WINDOWS\Readiris.ini
[2010.10.25 21:55:29 | 000,023,040 | ---- | C] () -- D:\WINDOWS\System32\irisco32.dll
[2010.10.25 21:54:08 | 000,482,408 | ---- | C] () -- D:\WINDOWS\ssndii.exe
[2010.10.25 21:54:03 | 000,113,768 | ---- | C] () -- D:\WINDOWS\Wiainst.exe
[2010.10.25 21:53:24 | 000,026,624 | ---- | C] () -- D:\WINDOWS\System32\sso2ml3.dll
[2010.10.25 21:51:19 | 000,191,488 | ---- | C] () -- D:\WINDOWS\System32\SaXPWIA.dll
[2010.10.25 21:51:19 | 000,140,288 | ---- | C] () -- D:\WINDOWS\System32\SaXPEH.dll
[2010.10.25 21:51:19 | 000,138,240 | ---- | C] () -- D:\WINDOWS\System32\SaXPUIEx.dll
[2010.10.25 21:51:19 | 000,117,248 | ---- | C] () -- D:\WINDOWS\System32\SaXPIPH.dll
[2010.10.25 21:51:19 | 000,088,064 | ---- | C] () -- D:\WINDOWS\System32\SaXPSTI.dll
[2010.02.21 10:40:59 | 000,000,056 | -H-- | C] () -- D:\WINDOWS\System32\ezsidmv.dat
[2008.12.16 19:34:31 | 000,001,818 | ---- | C] () -- D:\WINDOWS\wincmd.ini
[2008.05.05 21:37:07 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2008.05.05 21:37:05 | 000,052,736 | ---- | C] () -- D:\Documents and Settings\Maca\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.04.19 19:11:46 | 000,001,160 | ---- | C] () -- D:\WINDOWS\mozver.dat
[2008.04.13 12:28:21 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2008.04.11 23:32:42 | 000,000,032 | ---- | C] () -- D:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.04.11 22:28:38 | 000,000,390 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2008.04.11 20:35:14 | 000,004,249 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2008.04.11 20:34:07 | 000,133,280 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2008.04.11 20:27:58 | 000,011,520 | ---- | C] () -- D:\WINDOWS\System32\QBIOSIo.dll
[2008.04.11 20:27:58 | 000,009,121 | ---- | C] () -- D:\WINDOWS\System32\Modelversion.ini
[2008.04.11 20:22:04 | 001,060,424 | ---- | C] () -- D:\WINDOWS\System32\WdfCoInstaller01000.dll
[2008.04.11 19:12:20 | 000,036,864 | ---- | C] () -- D:\WINDOWS\System32\acs.exe
[2008.04.11 19:12:12 | 000,315,392 | ---- | C] () -- D:\WINDOWS\System32\AegisI5.exe
[2008.04.11 19:09:14 | 000,049,152 | ---- | C] () -- D:\WINDOWS\System32\ChCfg.exe
[2008.04.11 19:03:11 | 000,016,480 | ---- | C] () -- D:\WINDOWS\System32\rixdicon.dll
[2008.04.11 18:56:37 | 000,701,840 | ---- | C] () -- D:\WINDOWS\System32\igmedkrn.dll
[2008.04.11 18:56:37 | 000,204,800 | ---- | C] () -- D:\WINDOWS\System32\igfxCoIn_v4785.dll
[2008.04.11 18:47:44 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2008.04.11 18:42:04 | 000,021,812 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2006.06.07 16:52:08 | 000,090,112 | ---- | C] () -- D:\WINDOWS\System32\btprn2k.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- D:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- D:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,778,240 | ---- | C] () -- D:\WINDOWS\System32\DivXsm.exe
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- D:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- D:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- D:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- D:\WINDOWS\System32\ogg.dll
[2004.08.17 15:58:58 | 000,001,788 | ---- | C] () -- D:\WINDOWS\System32\Dcache.bin
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- D:\WINDOWS\System32\lcppn21.dll
[2001.10.25 16:00:00 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2001.10.25 16:00:00 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2001.10.25 16:00:00 | 000,397,560 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2001.10.25 16:00:00 | 000,394,788 | ---- | C] () -- D:\WINDOWS\System32\perfh005.dat
[2001.10.25 16:00:00 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2001.10.25 16:00:00 | 000,269,162 | ---- | C] () -- D:\WINDOWS\System32\perfi005.dat
[2001.10.25 16:00:00 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2001.10.25 16:00:00 | 000,070,376 | ---- | C] () -- D:\WINDOWS\System32\perfc005.dat
[2001.10.25 16:00:00 | 000,059,780 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2001.10.25 16:00:00 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2001.10.25 16:00:00 | 000,032,072 | ---- | C] () -- D:\WINDOWS\System32\perfd005.dat
[2001.10.25 16:00:00 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2001.10.25 16:00:00 | 000,004,463 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2001.10.25 16:00:00 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2011.04.10 22:16:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.04.06 21:47:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Data aplikací\Softland
[2009.06.16 20:09:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\GARMIN
[2011.07.07 16:36:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ICQ
[2008.04.11 22:05:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ICQ Toolbar
[2008.04.13 21:35:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ICQLite
[2011.01.25 10:41:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\vShare
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"swg" = "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.02.24 22:31:09 | 000,039,408 | ---- | M] (Google Inc.)
"T-Mobile Communication Centre" = "D:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun -- [2008.10.07 17:18:48 | 001,495,072 | ---- | M] (Gemfor s.r.o.)
"Skype" = "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2010.12.03 17:46:34 | 014,944,136 | R--- | M] (Skype Technologies S.A.)
"ICQ" = "D:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4 -- [2011.04.10 22:16:09 | 000,119,608 | ---- | M] (ICQ, LLC.)
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.02.08 14:13:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Adobe
[2008.05.18 11:08:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Ahead
[2008.04.19 18:06:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Apple Computer
[2008.04.11 23:40:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ArcSoft
[2009.01.09 22:20:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\CyberLink
[2009.06.16 20:09:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\GARMIN
[2010.01.27 11:03:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Google
[2011.07.07 16:36:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ICQ
[2008.04.11 22:05:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ICQ Toolbar
[2008.04.13 21:35:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\ICQLite
[2008.04.11 18:50:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Identities
[2010.10.25 21:56:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\InstallShield
[2008.04.11 20:51:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Macromedia
[2009.03.30 23:23:07 | 000,000,000 | --SD | M] -- D:\Documents and Settings\Maca\Data aplikací\Microsoft
[2009.03.28 19:38:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Mozilla
[2011.07.09 10:36:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Skype
[2011.07.09 08:06:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\skypePM
[2008.12.12 18:02:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Sun
[2011.01.25 10:41:13 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\vShare
[2009.10.15 08:59:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Maca\Data aplikací\Winamp
< %APPDATA%\*.exe /s >
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\ERDNT\cache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- D:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- D:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- D:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- D:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- D:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- D:\WINDOWS\system32\dllcache\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- D:\WINDOWS\ERDNT\cache\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- D:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- D:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- D:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- D:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- D:\WINDOWS\ERDNT\cache\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- D:\WINDOWS\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- D:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- D:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\changer.sys
< MD5 for: ISAPNP.SYS >
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- D:\WINDOWS\system32\dllcache\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- D:\WINDOWS\system32\drivers\isapnp.sys
[2001.10.25 16:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- D:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- D:\WINDOWS\ERDNT\cache\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- D:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- D:\WINDOWS\system32\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\ERDNT\cache\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- D:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- D:\WINDOWS\ERDNT\cache\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- D:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- D:\WINDOWS\system32\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- D:\WINDOWS\ERDNT\cache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- D:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- D:\WINDOWS\system32\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- D:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- D:\WINDOWS\system32\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- D:\WINDOWS\ERDNT\cache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- D:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- D:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- D:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- D:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- D:\WINDOWS\system32\drivers\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- D:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- D:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- D:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- D:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- D:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- D:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- D:\WINDOWS\ERDNT\cache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- D:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- D:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- D:\WINDOWS\ERDNT\cache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- D:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- D:\WINDOWS\system32\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- D:\WINDOWS\ERDNT\cache\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- D:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- D:\WINDOWS\system32\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- D:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.04.11 20:32:55 | 000,094,208 | ---- | M] () -- D:\WINDOWS\System32\config\default.sav
[2008.04.11 20:32:55 | 000,663,552 | ---- | M] () -- D:\WINDOWS\System32\config\software.sav
[2008.04.11 20:32:55 | 000,487,424 | ---- | M] () -- D:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
[2011.07.07 16:36:14 | 000,022,528 | ---- | M] (pBUS-167 Software - http://www.pbus-167.com) -- D:\WINDOWS\system32\drivers\nhcDriver.sys
< %systemroot%\system32\*.* /3 >
[2011.07.07 16:36:10 | 000,002,206 | ---- | M] () -- D:\WINDOWS\system32\wpa.dbl
[1 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< End of report >
EXTRAS.TXT
OTL Extras logfile created on: 9.7.2011 10:38:08 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Documents and Settings\Maca\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1014,36 Mb Total Physical Memory | 311,89 Mb Available Physical Memory | 30,75% Memory free
2,38 Gb Paging File | 1,70 Gb Available in Paging File | 71,11% Paging File free
Paging file location(s): D:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 111,78 Gb Total Space | 54,72 Gb Free Space | 48,95% Space Free | Partition Type: NTFS
Drive D: | 37,25 Gb Total Space | 12,94 Gb Free Space | 34,75% Space Free | Partition Type: NTFS
Computer Name: MARCELA | User Name: Maca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Program Files\ICQ7.4\ICQ.exe" = D:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = D:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"D:\Program Files\WIP Miranda IM 1.7\miranda32.exe" = D:\Program Files\WIP Miranda IM 1.7\miranda32.exe:*:Enabled:Miranda IM -- ( )
"D:\Program Files\WIP Miranda IM 1.7.3\miranda32.exe" = D:\Program Files\WIP Miranda IM 1.7.3\miranda32.exe:*:Enabled:Miranda IM -- ( )
"D:\WINDOWS\twain_32\Samsung\ScanMgr.exe" = D:\WINDOWS\twain_32\Samsung\ScanMgr.exe:*:Enabled:Scan Manger -- (Samsung Electronics)
"D:\WINDOWS\twain_32\Samsung\SCX4623\Scan2Pc.exe" = D:\WINDOWS\twain_32\Samsung\SCX4623\Scan2Pc.exe:*:Enabled:ScanToPC -- ()
"D:\WINDOWS\twain_32\Samsung\SCX4623\Sscan2io.exe" = D:\WINDOWS\twain_32\Samsung\SCX4623\Sscan2io.exe:*:Enabled:SScanToIO -- ()
"D:\Program Files\ICQ7.4\ICQ.exe" = D:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
"D:\Program Files\BitLord2\BitLord.exe" = D:\Program Files\BitLord2\BitLord.exe:*:Enabled:Bitlord2 -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BBBA9F0-3895-4F70-9110-747B82BE3F51}" = Marvell CPA
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Ekahau Wireless Utility
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{487A2763-CCCE-4F9E-9214-767F4FFF9F5C}" = Q-HotkeyMgr
"{6569F177-7DD7-4B94-B5E4-07ADC0E3379A}" = QMobilityTuner
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{729250B9-1E9E-44D0-96F3-128691D3BF5F}" = ArcSoft WebCam Companion 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{80078570-6C67-486C-8CF0-B0D778FC69B5}" = Samsung Network PC Fax
"{851E2A14-C07E-4507-8B1A-A04C4D571029}" = Nero 7 Essentials
"{89E13B5A-A616-4AEE-8D72-521B37D9A258}" = BenQ Surround
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}" = Kontrola české gramatiky pro sadu Microsoft Office 2003
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BE38545B-08F7-4f80-95AE-752B99BF159C}" = Web'n'walk 4G software
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"7-Zip" = 7-Zip 4.57
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"avast!" = avast! Antivirus
"BitLord_is1" = BitLord v2.0
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner (remove only)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"doPDF 6 printer_is1" = doPDF 6.3 printer
"DVD Shrink_is1" = DVD Shrink 3.2
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Notebook Hardware Control" = Notebook Hardware Control 2.0 Pre-Release-06
"rajče.net_is1" = rajče beta50
"Samsung SCX-4623 Series" = Údržba Samsung SCX-4623 Series
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T-Mobile Communication Centre" = Web'n'walk Manager
"Totalcmd" = Total Commander (Remove or Repair)
"Vícejazyčný překladový slovník_is1" = Vícejazyčný překladový slovník 1.1
"VMidi" = vanBasco's Karaoke Player
"vShare" = vShare Plugin
"Wdf01000" = Microsoft Kernel-Mode Driver Framework 1.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WIP Miranda IM 1.7.3_is1" = WIP Miranda IM 1.7.3
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 28.12.2008 15:01:37 | Computer Name = MARCELA | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://jizdnirady.idnes.cz/ScriptResour ... 0853437500
failed, 0000A413.
Error - 19.4.2009 5:15:53 | Computer Name = MARCELA | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\Program Files\Nero\Nero 7\Nero Home\Skins\Horizon Sphere\Graphics\Backgrounds\Sand.jpg
failed, 0000001E.
Error - 10.9.2009 14:12:44 | Computer Name = MARCELA | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\Program Files\Nero\Nero 7\Nero Home\Skins\Horizon Sphere\Graphics\Backgrounds\Sand.jpg
failed, 0000001E.
Error - 19.11.2009 11:20:54 | Computer Name = MARCELA | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.youtube.com/get_video_info?& ... ySKA&hl=cs
failed, 0000A413.
Error - 26.4.2010 1:39:18 | Computer Name = MARCELA | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\Documents and Settings\Maca\Data aplikací\Macromedia\Flash Player\#SharedObjects\B564QLJ7\oddcast.com\##1EF58CAB8DED656C\00000001.sxx
failed, 00000005.
[ Application Events ]
Error - 26.6.2011 6:08:45 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 26.6.2011 16:25:45 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 27.6.2011 1:42:32 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 28.6.2011 2:03:00 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 29.6.2011 8:06:32 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 30.6.2011 11:52:29 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 1.7.2011 0:34:07 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 4.7.2011 4:19:58 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 6.7.2011 10:19:48 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 7.7.2011 10:36:19 | Computer Name = MARCELA | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
[ System Events ]
Error - 9.7.2011 5:05:26 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:05:31 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:05:37 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:05:42 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:05:47 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:05:52 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:05:58 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:06:03 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:06:09 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.7.2011 5:06:15 | Computer Name = MARCELA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
< End of report >
Re: Log check
You ran ComboFix there in the meantime.

Re: Log check
Hello! Unfortunately I clicked on the wrong thing - I read a post meant for someone else and ran ComboFix on the PC. Only then did I notice that the post was not a reply to my log, and I went back to your instruction...

Re: Log check


Re: Kontrola logu
ComboFix 11-07-08.03 - Maca 09.07.2011 10:10:19.7.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1014.315 [GMT 2:00]
Spuštěný z: d:\documents and settings\Maca\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 110708-1] *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\windows\vb.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-09 do 2011-07-09 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-07 14:36 . 2008-04-11 20:12 22528 ----a-w- d:\windows\system32\drivers\nhcDriver.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="d:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-24 39408]
"T-Mobile Communication Centre"="d:\program files\T-Mobile\Web'n'walk Manager\Manager.exe" [2008-10-07 1495072]
"Skype"="d:\program files\Skype\Phone\Skype.exe" [2010-12-03 14944136]
"ICQ"="d:\program files\ICQ7.4\ICQ.exe" [2011-04-10 119608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="d:\windows\system32\igfxtray.exe" [2008-04-05 138008]
"HotKeysCmds"="d:\windows\system32\hkcmd.exe" [2008-04-05 162584]
"Persistence"="d:\windows\system32\igfxpers.exe" [2008-04-05 138008]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"AGRSMMSG"="AGRSMMSG.exe" [2008-04-05 88363]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-04-19 861744]
"BenQSurround"="d:\program files\BenQ\BenQ Surround\BenQSurround.exe" [2007-04-20 1187840]
"NeroFilterCheck"="d:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"RemoteControl"="d:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="d:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"Q-HotkeyMgr"="d:\program files\BenQ\Q-HotkeyMgr\HotkeySensor.exe" [2007-03-22 237673]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ACU"="d:\program files\Ekahau\Ekahau Wireless Utility\ACU.exe" [2006-05-09 303104]
"WinampAgent"="d:\program files\Winamp\winampa.exe" [2008-03-27 36352]
"NotebookHardwareControl"="d:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2008-12-12 136600]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"Samsung PanelMgr"="d:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-08-14 614400]
"4623 Scan2PC"="d:\windows\Twain_32\Samsung\SCX4623\Scan2pc.exe" [2009-09-10 1968640]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
d:\documents and settings\Maca\Nabídka Start\Programy\Po spuštění\
Adobe Gamma.lnk - d:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - d:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-6-7 553021]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"d:\\Program Files\\WIP Miranda IM 1.7\\miranda32.exe"=
"d:\\Program Files\\WIP Miranda IM 1.7.3\\miranda32.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\WINDOWS\\twain_32\\Samsung\\ScanMgr.exe"=
"d:\\WINDOWS\\twain_32\\Samsung\\SCX4623\\Scan2Pc.exe"=
"d:\\WINDOWS\\twain_32\\Samsung\\SCX4623\\Sscan2io.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\ICQ7.4\\ICQ.exe"=
"d:\\Program Files\\BitLord2\\BitLord.exe"=
.
R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [25.7.2010 23:00 114768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [25.7.2010 23:00 20560]
R2 ICQ Service;ICQ Service;d:\program files\ICQ6Toolbar\ICQ Service.exe [2.7.2008 18:59 247096]
R2 QBIOSIo;QBIOSIo.dll;d:\windows\system32\QBIOSIo.dll [11.4.2008 20:27 11520]
R2 Samsung Network Fax Server;Samsung Network Fax Server;d:\windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [25.10.2010 21:56 162304]
S2 gupdate1c996bee849d438;Služba Google Update (gupdate1c996bee849d438);d:\program files\Google\Update\GoogleUpdate.exe [24.2.2009 22:31 133104]
S2 SSPORT;SSPORT;\??\d:\windows\system32\Drivers\SSPORT.sys --> d:\windows\system32\Drivers\SSPORT.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);d:\program files\Google\Update\GoogleUpdate.exe [24.2.2009 22:31 133104]
S3 ipw_bus;IPWireless;d:\windows\system32\DRIVERS\ipw_bus.sys --> d:\windows\system32\DRIVERS\ipw_bus.sys [?]
S3 ipw_mdfl;Wireless Broadband Modem Filter;d:\windows\system32\DRIVERS\ipw_mdfl.sys --> d:\windows\system32\DRIVERS\ipw_mdfl.sys [?]
S3 ipw_mdm;Wireless Broadband Modem (WDM);d:\windows\system32\DRIVERS\ipw_mdm.sys --> d:\windows\system32\DRIVERS\ipw_mdm.sys [?]
S3 IpwP;IPWireless 3G Network Adapter;d:\windows\system32\drivers\ipw3gnet.sys [20.3.2010 14:10 51040]
S3 SkLaggProtocol;Marvell Link Aggregation Protocol (LAGG) Support;d:\windows\system32\DRIVERS\yk51lagg.sys --> d:\windows\system32\DRIVERS\yk51lagg.sys [?]
S3 SkVlanProtocol;Marvell Virtual LAN (VLAN) Support;d:\windows\system32\drivers\skvlan.sys [17.5.2006 1:15 19328]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-29 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:57]
.
2011-07-08 d:\windows\Tasks\Google Software Updater.job
- d:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-24 09:52]
.
2011-07-08 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-02-24 20:31]
.
2011-07-09 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-02-24 20:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - d:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: WikiKomentáře Google... - d:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - d:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.1.20 192.168.18.1
FF - ProfilePath - d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\
FF - prefs.js: browser.search.selectedEngine - Web Search...
FF - prefs.js: browser.startup.homepage - hxxp://vshare.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - d:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - d:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-09 10:18
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-07-09 10:20:41
ComboFix-quarantined-files.txt 2011-07-09 08:20
ComboFix2.txt 2009-05-04 21:06
.
Před spuštěním: Volných bajtů: 12 944 670 720
Po spuštění: Volných bajtů: 13 876 727 808
.
- - End Of File - - 4D7E89B4A03FA5CC662DC8105B4D1EE8
Re: Log check

- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
KillAll::

Folder::
d:\program files\ICQ6Toolbar

Driver::
ICQ Service
gupdate1c996bee849d438
gupdatem

File::
d:\windows\Tasks\AppleSoftwareUpdate.job
d:\windows\Tasks\Google Software Updater.job
d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
d:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
"T-Mobile Communication Centre"=-
"Skype"=-
"ICQ"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"RemoteControl"=-
"LanguageShortcut"=-
"Adobe Reader Speed Launcher"=-
"WinampAgent"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-

Firefox::
FF - ProfilePath - d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\
FF - prefs.js: browser.search.selectedEngine - Web Search...
FF - prefs.js: browser.startup.homepage - hxxp://vshare.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

Reboot::
- Save the resulting TXT file as CFScript.txt
- Drag the created CFScript.txt onto ComboFix and run it (see the image below)
- After the script has been applied (and a possible restart), a log will pop up; paste its contents here

Re: Log check
ComboFix 11-07-10.03 - Maca 10.07.2011 20:25:59.8.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1014.243 [GMT 2:00]
Spuštěný z: d:\documents and settings\Maca\Plocha\ComboFix.exe
Použité ovládací přepínače :: d:\documents and settings\Maca\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1351 [VPS 110710-0] *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"d:\windows\Tasks\AppleSoftwareUpdate.job"
"d:\windows\Tasks\Google Software Updater.job"
"d:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"d:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar\components\toolbarhomeApi.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar\chrome.manifest
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar\chrome\vshare.jar
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar\install.rdf
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar\locale\en-US\global.dtd
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar\locale\en-US\global.properties
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar\modules\configuration.js
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar\modules\configuration_0.css
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar\modules\configuration_0.xul
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar\modules\configuration_1.css
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar\modules\configuration_1.xul
d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\extensions\vshare@toolbar\modules\vshareJsm.js
d:\program files\ICQ6Toolbar
d:\program files\ICQ6Toolbar\1104102216\config.xml
d:\program files\ICQ6Toolbar\1104102216\Icons.bmp
d:\program files\ICQ6Toolbar\1104102216\icq6Toolbar.ico
d:\program files\ICQ6Toolbar\1104102216\ICQToolBar.dll
d:\program files\ICQ6Toolbar\1104102216\ICQUnToolbar.exe
d:\program files\ICQ6Toolbar\1104102216\logo_small.gif
d:\program files\ICQ6Toolbar\1104102216\short.wav
d:\program files\ICQ6Toolbar\1104102216\Version.txt
d:\program files\ICQ6Toolbar\1104102216\voucher.bmp
d:\program files\ICQ6Toolbar\1104102216\voucher2.bmp
d:\program files\ICQ6Toolbar\config.xml
d:\program files\ICQ6Toolbar\Icons.bmp
d:\program files\ICQ6Toolbar\ICQ Service.exe
d:\program files\ICQ6Toolbar\icq6Toolbar.ico
d:\program files\ICQ6Toolbar\ICQToolBar.dll
d:\program files\ICQ6Toolbar\ICQUnToolbar.exe
d:\program files\ICQ6Toolbar\logo_small.gif
d:\program files\ICQ6Toolbar\ServiceStarter.exe
d:\program files\ICQ6Toolbar\short.wav
d:\program files\ICQ6Toolbar\Version.txt
d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\icqtoolbar.jar
d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
d:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
d:\windows\Tasks\AppleSoftwareUpdate.job
d:\windows\Tasks\Google Software Updater.job
d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GUPDATE1C996BEE849D438
-------\Legacy_GUPDATEM
-------\Legacy_ICQ_SERVICE
-------\Service_gupdate1c996bee849d438
-------\Service_gupdatem
-------\Service_ICQ Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-10 do 2011-07-10 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-10 18:31 . 2008-04-11 20:12 22528 ----a-w- d:\windows\system32\drivers\nhcDriver.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-09_08.18.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-10 18:31 . 2011-07-10 18:31 16384 d:\windows\Temp\Perflib_Perfdata_78c.dat
+ 2011-07-10 18:31 . 2011-07-10 18:31 16384 d:\windows\Temp\Perflib_Perfdata_5e0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="d:\windows\system32\igfxtray.exe" [2008-04-05 138008]
"HotKeysCmds"="d:\windows\system32\hkcmd.exe" [2008-04-05 162584]
"Persistence"="d:\windows\system32\igfxpers.exe" [2008-04-05 138008]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"AGRSMMSG"="AGRSMMSG.exe" [2008-04-05 88363]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-04-19 861744]
"BenQSurround"="d:\program files\BenQ\BenQ Surround\BenQSurround.exe" [2007-04-20 1187840]
"Q-HotkeyMgr"="d:\program files\BenQ\Q-HotkeyMgr\HotkeySensor.exe" [2007-03-22 237673]
"ACU"="d:\program files\Ekahau\Ekahau Wireless Utility\ACU.exe" [2006-05-09 303104]
"NotebookHardwareControl"="d:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"Samsung PanelMgr"="d:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-08-14 614400]
"4623 Scan2PC"="d:\windows\Twain_32\Samsung\SCX4623\Scan2pc.exe" [2009-09-10 1968640]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
d:\documents and settings\Maca\Nabídka Start\Programy\Po spuštění\
Adobe Gamma.lnk - d:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - d:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-6-7 553021]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"d:\\Program Files\\WIP Miranda IM 1.7\\miranda32.exe"=
"d:\\Program Files\\WIP Miranda IM 1.7.3\\miranda32.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\WINDOWS\\twain_32\\Samsung\\ScanMgr.exe"=
"d:\\WINDOWS\\twain_32\\Samsung\\SCX4623\\Scan2Pc.exe"=
"d:\\WINDOWS\\twain_32\\Samsung\\SCX4623\\Sscan2io.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\ICQ7.4\\ICQ.exe"=
"d:\\Program Files\\BitLord2\\BitLord.exe"=
.
R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [25.7.2010 23:00 114768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [25.7.2010 23:00 20560]
R2 QBIOSIo;QBIOSIo.dll;d:\windows\system32\QBIOSIo.dll [11.4.2008 20:27 11520]
R2 Samsung Network Fax Server;Samsung Network Fax Server;d:\windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [25.10.2010 21:56 162304]
S2 SSPORT;SSPORT;\??\d:\windows\system32\Drivers\SSPORT.sys --> d:\windows\system32\Drivers\SSPORT.sys [?]
S3 ipw_bus;IPWireless;d:\windows\system32\DRIVERS\ipw_bus.sys --> d:\windows\system32\DRIVERS\ipw_bus.sys [?]
S3 ipw_mdfl;Wireless Broadband Modem Filter;d:\windows\system32\DRIVERS\ipw_mdfl.sys --> d:\windows\system32\DRIVERS\ipw_mdfl.sys [?]
S3 ipw_mdm;Wireless Broadband Modem (WDM);d:\windows\system32\DRIVERS\ipw_mdm.sys --> d:\windows\system32\DRIVERS\ipw_mdm.sys [?]
S3 IpwP;IPWireless 3G Network Adapter;d:\windows\system32\drivers\ipw3gnet.sys [20.3.2010 14:10 51040]
S3 SkLaggProtocol;Marvell Link Aggregation Protocol (LAGG) Support;d:\windows\system32\DRIVERS\yk51lagg.sys --> d:\windows\system32\DRIVERS\yk51lagg.sys [?]
S3 SkVlanProtocol;Marvell Virtual LAN (VLAN) Support;d:\windows\system32\drivers\skvlan.sys [17.5.2006 1:15 19328]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - d:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: WikiKomentáře Google... - d:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - d:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.1.20 192.168.18.1
FF - ProfilePath - d:\documents and settings\Maca\Data aplikací\Mozilla\Firefox\Profiles\wi28r37z.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - d:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - d:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ICQToolbar - d:\program files\ICQ6Toolbar\ICQUnToolbar.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-10 20:31
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\program files\Alwil Software\Avast4\aswUpdSv.exe
d:\program files\Alwil Software\Avast4\ashServ.exe
d:\windows\system32\igfxsrvc.exe
d:\windows\system32\acs.exe
d:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
d:\windows\RTHDCPL.EXE
d:\windows\AGRSMMSG.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\program files\CyberLink\Shared Files\RichVideo.exe
d:\windows\system32\wdfmgr.exe
d:\program files\Alwil Software\Avast4\ashMaiSv.exe
d:\program files\Alwil Software\Avast4\ashWebSv.exe
d:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
.
**************************************************************************
.
Celkový čas: 2011-07-10 20:34:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-10 18:34
ComboFix2.txt 2011-07-09 08:20
ComboFix3.txt 2009-05-04 21:06
.
Před spuštěním: Volných bajtů: 13 840 506 880
Po spuštění: Volných bajtů: 13 803 507 712
.
- - End Of File - - 7A70C6B58838741DBFEE9A40CE2985B1
Re: Log check
How is the PC behaving?

Re: Log check
Fine so far - do you think we're done?!
Re: Log check
So let's clean up as well

Uninstall ComboFix
- Start - Run (or use the keyboard shortcut Win+R)
- Type ComboFix /UninstallA
- Press Enter
- This deletes ComboFix and its folders

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Download and run it
- To confirm a choice, press A, Enter
- Delete the utility after use
- Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)

OTC http://oldtimer.geekstogo.com/OTC.exe
- Download and run it
- Click CleanUp and confirm with YES
- The program cleans up and restarts the PC

TFC http://oldtimer.geekstogo.com/TFC.exe
- Download and run it
- Click Start and confirm with OK
- The program cleans up and restarts the PC
- Delete the utility after use

Download CCleaner (see my signature)
Cleaner panel
- Leave everything as it is, just click Analyze and then Run CCleaner
- click Scan for problems
- then Fix problems - I recommend making a registry backup; fix all the problems
- repeat the procedure until no problems are found - usually about 3 times
- Here you can uninstall programs you do not need

And if there are no problems or questions, that is all from my side


Re: Log check
Everything looks OK - thank you, thank you, thank you!!!
Re: Log check
You're welcome, glad to help
