Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Havěť - pravděpodbně vir z FB

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
kviki
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 11 čer 2007 10:23

Havěť - pravděpodbně vir z FB

#1 Příspěvek od kviki »

Prosím o kontrolu LOGu, zpomalene PC, nejde antivir
=======================================

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martina Dreslerová at 2011-08-19 16:03:51
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 41 GB (50%) free of 82 GB
Total RAM: 1014 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:04:15, on 19.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\sysdriver32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\update.1\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\EeePC\CapsHook\CapsHook.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\update.tray-3-0\svchost.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\systemup.exe
C:\WINDOWS\l1rezerv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ICQ7.5\ICQ.exe
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\Program Files\Common Files\Lingea Shared\luc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ufa\ufa.exe
C:\WINDOWS\update.7.1\svchostdriver.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\update.2\svchost.exe
C:\WINDOWS\update.7.1\svchostdriver.exe
C:\Documents and Settings\Martina Dreslerová\Plocha\RSIT.exe
C:\Program Files\trend micro\Martina Dreslerová.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (file missing)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (file missing)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [LiveUpdate] C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [EeeSplendidAgent] C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [CapsHook] C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [wxpdrv] C:\WINDOWS\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\WINDOWS\update.tray-3-0\svchost.exe
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\WINDOWS\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\WINDOWS\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [2727915.exe] "C:\WINDOWS\TEMP\2727915.exe"
O4 - HKLM\..\Run: [systemup] "C:\WINDOWS\systemup.exe" stand
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\WINDOWS\l1rezerv.exe"
O4 - HKLM\..\Run: [79826616-loader2.exe] "C:\WINDOWS\TEMP\79826616-loader2.exe"
O4 - HKLM\..\Run: [w_distrib.exe] "C:\WINDOWS\update.3\svchost.exe" stand
O4 - HKLM\..\Run: [2046629.exe] "C:\WINDOWS\TEMP\2046629.exe"
O4 - HKLM\..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [8049229.exe] "C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\8049229.exe"
O4 - HKLM\..\Run: [474558.exe] "C:\WINDOWS\TEMP\474558.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ddservice - Unknown owner - C:\WINDOWS\update.7.1\svchostdriver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: srvbtcclient - Unknown owner - C:\WINDOWS\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\WINDOWS\sysdriver32.exe
O23 - Service: wxpdrivers - Unknown owner - C:\WINDOWS\update.1\svchost.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/MARTIN~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.gif
O24 - Desktop Component 1: (no name) - file:///C:/DOCUME~1/MARTIN~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg

--
End of file - 12133 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-15 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
BitTorrentBar Toolbar - C:\Program Files\BitTorrentBar\tbBitT.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-23 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-20 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - BitTorrentBar Toolbar - C:\Program Files\BitTorrentBar\tbBitT.dll []
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-09-28 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-09-28 173592]
"LiveUpdate"=C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [2010-01-29 751592]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 83240]
"EeeSplendidAgent"=C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe []
"ASUSPRP"=C:\Program Files\ASUS\APRP\APRP.EXE [2010-05-12 2018032]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-14 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"CapsHook"=C:\Program Files\EeePC\CapsHook\CapsHook.exe [2010-05-28 445344]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-04-27 19523616]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2009-06-26 118784]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2009-05-08 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1594664]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe /WAITSERVICE []
"wxpdrv"=C:\WINDOWS\services32.exe []
"tray_ico"= []
"tray_ico0"=C:\WINDOWS\update.tray-3-0\svchost.exe [2011-07-19 1150976]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"sysdriver32.exe"=C:\WINDOWS\sysdriver32.exe [2011-07-25 256000]
"sysdriver32_.exe"=C:\WINDOWS\sysdriver32_.exe [2011-07-25 256000]
"2727915.exe"=C:\WINDOWS\TEMP\2727915.exe [2011-07-19 232960]
"systemup"=C:\WINDOWS\systemup.exe [2011-07-19 114176]
"l1rezerv.exe"=C:\WINDOWS\l1rezerv.exe [2011-07-24 232960]
"79826616-loader2.exe"=C:\WINDOWS\TEMP\79826616-loader2.exe [2011-07-22 249344]
"w_distrib.exe"=C:\WINDOWS\update.3\svchost.exe [2011-08-16 273920]
"2046629.exe"=C:\WINDOWS\TEMP\2046629.exe [2011-07-25 256000]
"UpdateReminder"=C:\Program Files\Eset\UpdateReminder.exe []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-09-28 141336]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2010-05-17 1246632]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"8049229.exe"=C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\8049229.exe [2011-07-19 232960]
"474558.exe"=C:\WINDOWS\TEMP\474558.exe [2011-08-19 632832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]
"ICQ"=C:\Program Files\ICQ7.5\ICQ.exe [2011-08-01 124480]
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2010-03-25 402096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Martina Dreslerová^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~4\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

C:\Documents and Settings\Martina Dreslerová\Nabídka Start\Programy\Po spuštění
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-09-24 205312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Spotify\spotify.exe"="C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Martina Dreslerová\Local Settings\Temporary Internet Files\Content.IE5\W1B27QE5\Flash-Player[1].exe"="C:\Documents and Settings\Martina Dreslerová\Local Settings\Temporary Internet Files\Content.IE5\W1B27QE5\Flash-Player[1].exe:*:Enabled:C:\Documents and Settings\Martina Dreslerová\Local Settings\Temporary Internet Files\Content.IE5\W1B27QE5\Flash-Player[1].exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"C:\WINDOWS\update.tray-3-0\svchost.exe"="C:\WINDOWS\update.tray-3-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-3-0\svchost.exe"
"C:\WINDOWS\update.2\svchost.exe"="C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe"
"C:\WINDOWS\update.3\svchost.exe"="C:\WINDOWS\update.3\svchost.exe:*:Enabled:C:\WINDOWS\update.3\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.tscc"=C:\PROGRA~1\MpcStar\Codecs\tscc\tsccvid.dll

======List of files/folders created in the last 1 month======

2011-08-19 16:03:52 ----D---- C:\Program Files\trend micro
2011-08-19 16:03:51 ----D---- C:\rsit
2011-08-19 14:07:09 ----HD---- C:\WINDOWS\update.7.1
2011-08-11 21:12:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-11 21:11:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-11 21:11:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-11 20:57:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-11 20:57:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-04 09:53:03 ----D---- C:\Program Files\SHARP
2011-08-04 09:52:45 ----A---- C:\WINDOWS\system32\SN0EMTNT.dll
2011-08-04 09:52:45 ----A---- C:\WINDOWS\system32\SN0ELMON.dll
2011-08-04 09:52:45 ----A---- C:\WINDOWS\system32\SN0ELMON.dat
2011-08-04 09:52:27 ----A---- C:\WINDOWS\_isusr32.dll
2011-08-04 09:52:25 ----N---- C:\WINDOWS\system32\_isusr2k.dll
2011-08-04 09:52:21 ----A---- C:\WINDOWS\system32\SCN2PMUI.dll
2011-08-04 09:52:21 ----A---- C:\WINDOWS\system32\SCN2PMR.dll
2011-08-04 09:52:21 ----A---- C:\WINDOWS\system32\SCN2PM.dll
2011-08-04 09:52:21 ----A---- C:\WINDOWS\system32\SCN2PM.DAT
2011-08-04 09:51:30 ----D---- C:\WINDOWS\system32\SCDRV
2011-08-04 09:51:18 ----D---- C:\Drivers
2011-07-24 17:31:47 ----A---- C:\WINDOWS\w_distrib_iplist.txt
2011-07-24 17:30:29 ----HD---- C:\WINDOWS\update.3
2011-07-24 10:10:07 ----D---- C:\Program Files\Common Files\Adobe
2011-07-22 11:32:09 ----D---- C:\Documents and Settings\Martina Dreslerová\Data aplikací\HypoKalk
2011-07-22 11:31:09 ----D---- C:\Program Files\Komerční Banka

======List of files/folders modified in the last 1 month======

2011-08-19 16:03:59 ----D---- C:\WINDOWS\Prefetch
2011-08-19 16:03:52 ----RD---- C:\Program Files
2011-08-19 15:59:39 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-08-19 15:49:28 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-08-19 15:17:03 ----HD---- C:\WINDOWS\inf
2011-08-19 15:17:02 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-19 15:10:31 ----A---- C:\WINDOWS\iplist.txt
2011-08-19 14:20:50 ----A---- C:\WINDOWS\ddh_iplist.txt
2011-08-19 14:08:36 ----D---- C:\WINDOWS\Temp
2011-08-19 14:07:09 ----D---- C:\WINDOWS
2011-08-19 13:56:50 ----D---- C:\Documents and Settings\Martina Dreslerová\Data aplikací\ICQ
2011-08-19 13:55:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-18 11:49:02 ----D---- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Skype
2011-08-17 09:16:28 ----D---- C:\WINDOWS\Network Diagnostic
2011-08-12 08:55:17 ----RSD---- C:\WINDOWS\assembly
2011-08-12 08:54:46 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-12 08:16:13 ----D---- C:\WINDOWS\system32
2011-08-11 21:16:06 ----HD---- C:\Config.Msi
2011-08-11 21:16:00 ----SHD---- C:\WINDOWS\Installer
2011-08-11 21:15:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-11 21:15:34 ----D---- C:\WINDOWS\WinSxS
2011-08-11 21:12:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-11 21:12:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-08-11 21:11:17 ----A---- C:\WINDOWS\imsins.BAK
2011-08-11 21:11:16 ----D---- C:\WINDOWS\system32\drivers
2011-08-11 21:11:13 ----HD---- C:\WINDOWS\$hf_mig$
2011-08-11 20:58:27 ----A---- C:\WINDOWS\system32\MRT.exe
2011-08-11 20:58:14 ----D---- C:\Program Files\Internet Explorer
2011-08-11 20:58:07 ----D---- C:\WINDOWS\ie8updates
2011-08-04 14:22:18 ----A---- C:\WINDOWS\win.ini
2011-08-04 14:22:18 ----A---- C:\WINDOWS\system.ini
2011-08-04 14:22:18 ----A---- C:\boot.ini
2011-08-04 09:51:30 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-04 09:50:49 ----D---- C:\WINDOWS\pss
2011-08-02 14:10:12 ----D---- C:\Program Files\ICQ7.5
2011-07-25 22:15:59 ----A---- C:\WINDOWS\sysdriver32_.exe
2011-07-25 22:15:59 ----A---- C:\WINDOWS\sysdriver32.exe
2011-07-25 17:08:54 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-07-24 10:39:32 ----A---- C:\WINDOWS\l1rezerv.exe
2011-07-24 10:10:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-07-24 10:10:07 ----D---- C:\Program Files\Common Files
2011-07-22 19:32:33 ----D---- C:\Program Files\BitTorrent
2011-07-22 19:32:22 ----D---- C:\Documents and Settings\Martina Dreslerová\Data aplikací\BitTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2009-06-04 330264]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R1 AsUpIO;AsUpIO; C:\WINDOWS\system32\drivers\AsUpIO.sys [2010-03-31 11520]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2010-09-26 15424]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-06 54752]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-08-12 1582624]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-09-24 6301696]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-04-27 6031904]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-07-27 44032]
R3 rtsuvc;Realtek USB2.0 PC Camera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2010-02-04 73088]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-11-19 230448]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2010-09-26 512096]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-15 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-15 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-15 21744]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-29 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ddservice;ddservice; C:\WINDOWS\update.7.1\svchostdriver.exe [2011-08-19 382464]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-20 153376]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 srvbtcclient;srvbtcclient; C:\WINDOWS\update.5.0\svchost.exe [2011-07-26 348672]
R2 srviecheck;srviecheck; C:\WINDOWS\update.2\svchost.exe [2011-08-19 632832]
R2 srvsysdriver32;srvsysdriver32; C:\WINDOWS\sysdriver32.exe [2011-07-25 256000]
R2 wxpdrivers;wxpdrivers; C:\WINDOWS\update.1\svchost.exe [2011-07-19 1150976]
S2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-07-14 1121280]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Havěť - pravděpodbně vir z FB

#2 Příspěvek od Caroprd111 »

Zdravím a vítám vás na našem bezpečnostním fóru viry.cz :welcome:

Můj nick je Caroprd111. Budu se vám v tomto topicu věnovat a snažit se odstranit všechny vaše problémy s počítačem. :)
Než začneme, přečtěte si prosím následující poznámky.
  • Pokud nemáte, zálohujte si všechna důležitá data. Infikovaný počítač je nevyzpytatelný.
  • Důsledně a pečlivě si přečtěte celý postup, poté pokračujte po jednotlivých krocích.
  • Prosím, nespouštějte žádné další programy na vlastní pěst, zejména ComboFix. Zbytečně tím můžete zkomplikovat odvirování, dokonce i znefunkčnit systém.
  • Absence příznaků nemusí vždy znamenat, že je počítač čistý, proto vždy spolupracujte až do doby, než vám napíšu, že je počítač v pořádku.
  • V případě, že něčemu nerozumíte nebo si nejste jist, neváhejte se mě zeptat.
  • Pokud bude log dlouhý a nevejde se do jednoho příspěvku, rozdělte jej do více příspěvků.

:arrow: Poprosím vás i o druhý log z RSIT info.txt.


:arrow: Proč používáte starou verzi NOD32? Je licence zakoupená?
Obrázek
Nahoru
kviki
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 11 čer 2007 10:23

Re: Havěť - pravděpodbně vir z FB

#3 Příspěvek od kviki »

AD1, log přikládám
AD2, nevím proč je stará verze

info.txt logfile of random's system information tool 1.09 2011-08-19 16:04:22

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
50 FREE MP3s +1 Free Audiobook!-->"C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex
Adobe Reader 9.4.5 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A94000000001}
Aktualizace systému Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB980302)-->"C:\WINDOWS\ie8updates\KB980302-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951618-v2)-->"C:\WINDOWS\$NtUninstallKB951618-v2$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB972187)-->"C:\WINDOWS\$NtUninstallKB972187_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aktualizace zabezpečení produktu Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2416400)-->"C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2483614)-->"C:\WINDOWS\$NtUninstallKB2483614$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB953155)-->"C:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975254)-->"C:\WINDOWS\$NtUninstallKB975254$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB976323)-->"C:\WINDOWS\$NtUninstallKB976323$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"
Antivirový systém NOD32-->C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{3E62B27C-342F-4B44-9331-CA4BC59A586F}
Asus ACPI Driver-->"C:\Program Files\InstallShield Installation Information\{19F5658D-92E8-4A08-8657-D38ABB1574B2}\setup.exe" -runfromtemp -l0x0009 -removeonly
ASUS VIBE-->C:\Program Files\ASUS\ASUS VIBE\1.0.187\uninst.exe
ASUSUpdate for Eee PC-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x9
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0005 -removeonly
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0005 -removeonly
Azuon-->MsiExec.exe /I{E9232C0D-6588-41FF-9769-DBB3964464BD}
CapsHook-->"C:\Program Files\InstallShield Installation Information\{4B5092B6-F231-4D18-83BC-2618B729CA45}\setup.exe" -runfromtemp -l0x0409 -removeonly
Conduit Engine-->C:\PROGRA~1\CONDUI~1\ConduitEngineUninstall.exe
ČSOBP Kalkulátory 1.4.5.0 (BALÍČEK 8)-->"c:\Aplikace\CS0BPKalk\unins000.exe"
Data Sync-->MsiExec.exe /I{D806E63B-0C11-4061-8DA9-1E980FB9A9EB}
DivX Setup-->C:\Documents and Settings\All Users\Data aplikací\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
ebi.BookReader3J-->MsiExec.exe /I{F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}
Eee Docking 1.3.12.0-->"C:\Program Files\ASUS\Eee Docking\unins000.exe"
EeeSplendid-->"C:\Program Files\InstallShield Installation Information\{6333FC29-BFE5-4024-AC78-958A1A7555D1}\setup.exe" -runfromtemp -l0x0409 -removeonly
Expert-->MsiExec.exe /X{59CF12E3-C3C3-41DD-87EE-994BEF811C02}
EzMessenger-->MsiExec.exe /I{C72CA49A-9237-4810-8449-45DA3BD26D64}
FontResizer-->"C:\Program Files\InstallShield Installation Information\{17780F99-A9DF-450B-81B3-6781B20A17A8}\setup.exe" -runfromtemp -l0x0405 -removeonly
FontResizer-->MsiExec.exe /X{17780F99-A9DF-450B-81B3-6781B20A17A8}
Game Park Console-->"C:\Program Files\Asus\Game Park\GameConsole\unins000.exe"
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Image Zone 4.7-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.7-->"C:\Program Files\HP\Digital Imaging\{5469D537-9B44-4c78-BF2D-5F9807564F74}\setup\hpzscr01.exe" -datfile hposcr05.dat
Hypoteční kalkulačka-->MsiExec.exe /I{998C31A1-0FE0-4C33-877C-C6DA1376B24D}
ICQ7.5-->"C:\Program Files\InstallShield Installation Information\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Java(TM) 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018FF}
Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}
Lingea Lexicon 5-->C:\Program Files\Lingea\Lexicon5\Setup.exe /u
LiveUpdate-->MsiExec.exe /I{38E5A3B1-ADF1-47E0-8024-76310A30EB36}
Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe"
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Works-->MsiExec.exe /I{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
NOD32 FiX v2.1-->"C:\Program Files\Eset\unins000.exe"
Oprava hotfix aplikace Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB969084)-->"C:\WINDOWS\$NtUninstallKB969084$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
Ralink RT2860 Wireless LAN Card-->C:\Program Files\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x5 -removeonly
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2509488)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD0DE453-0804-4495-9C91-33D0F9AA5463}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft Office 2007 System (KB2541012)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD907315-705A-4475-A1A0-2A1245803E4D}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2541007)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0173254-F442-4D04-9154-43FA157B83D0}
Security Update for Microsoft Office Groove 2007 (KB2494047)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
Security Update for Microsoft Office InfoPath 2007 (KB2510061)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5D930261-AA5B-48D1-931F-425C9D767490}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SHARP MX/DX Series PCL/PS Printer Driver-->C:\Program Files\InstallShield Installation Information\{673E2CB8-8306-4F99-9DF9-6492C2F57072}\setup.exe -l0005 -uninst sn0eis.sii
Skype Toolbars-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.3-->MsiExec.exe /X{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}
Super Hybrid Engine-->"C:\Program Files\InstallShield Installation Information\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}\setup.exe" -runfromtemp -l0x0009 -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2509470)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1365864D-4C58-489D-9982-844D75691CCC}
Update for Outlook 2007 Junk Email Filter (KB2586924)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}
USB2.0 UVC VGA WebCam-->"C:\Program Files\InstallShield Installation Information\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}\setup.exe" -runfromtemp -l0x0005 -removeonly
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}
Windows Live Fotogalerie-->MsiExec.exe /X{40284D5A-EF61-4937-92CD-B7CB20C4C87B}
Windows Live Mail-->MsiExec.exe /I{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}
Windows Live Messenger-->MsiExec.exe /X{CE6557BF-FA56-4C95-91E3-B8C641679DF0}
Windows Live Sync-->MsiExec.exe /X{1407B87C-36E3-4FC1-9051-D08B21E1096F}
Windows Live Toolbar-->MsiExec.exe /X{D6A1D7F6-79CB-4159-AF03-F21F28080B97}
Windows Live Writer-->MsiExec.exe /X{479A749B-1684-4881-8266-BF8DD22251E7}
Windows Live Zabezpečení rodiny-->MsiExec.exe /X{7CF94476-77F9-401E-BEB5-845285735AAB}
Windows Management Framework Core-->"C:\WINDOWS\$968930Uinstall_KB968930$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
WinRAR 4.00 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe

======Hosts File======

127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com

======Security center information======

AV: Eset NOD32 Antivirus 2.70

======System event log======

Computer Name: MARTINKA
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Správce vzdáleného přístupu úspěšně odeslán.

Record Number: 15887
Source Name: Service Control Manager
Time Written: 20110708145457.000000+120
Event Type: Informace
User: MARTINKA\Martina Dreslerová

Computer Name: MARTINKA
Event Code: 7036
Message: Stav služby Telefonní subsystém byl změněn na: Spuštěno

Record Number: 15886
Source Name: Service Control Manager
Time Written: 20110708145457.000000+120
Event Type: Informace
User:

Computer Name: MARTINKA
Event Code: 7036
Message: Stav služby Kompatibilita pro rychlé přepínání uživatelů byl změněn na: Spuštěno

Record Number: 15885
Source Name: Service Control Manager
Time Written: 20110708145457.000000+120
Event Type: Informace
User:

Computer Name: MARTINKA
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Kompatibilita pro rychlé přepínání uživatelů úspěšně odeslán.

Record Number: 15884
Source Name: Service Control Manager
Time Written: 20110708145457.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MARTINKA
Event Code: 7036
Message: Stav služby Terminálová služba byl změněn na: Spuštěno

Record Number: 15883
Source Name: Service Control Manager
Time Written: 20110708145457.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: MARTINKA
Event Code: 1022
Message: Aktualizace Security Update for 2007 Microsoft Office System (KB2288931) produktu Microsoft Office Enterprise 2007 byla úspěšně nainstalována.

Record Number: 1302
Source Name: MsiInstaller
Time Written: 20101216133655.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MARTINKA
Event Code: 1005
Message: Služba Windows Installer vyvolala restart systému k dokončení či pokračování konfigurace Microsoft Office Enterprise 2007.
Record Number: 1301
Source Name: MsiInstaller
Time Written: 20101216133631.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MARTINKA
Event Code: 11728
Message: Produkt: Microsoft Office Enterprise 2007 – Konfigurace byla úspěšně dokončena.

Record Number: 1300
Source Name: MsiInstaller
Time Written: 20101216133631.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MARTINKA
Event Code: 1022
Message: Aktualizace Update for Microsoft Office Outlook 2007 (KB2412171) produktu Microsoft Office Enterprise 2007 byla úspěšně nainstalována.

Record Number: 1299
Source Name: MsiInstaller
Time Written: 20101216133631.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MARTINKA
Event Code: 1025
Message: Produkt Microsoft Office Enterprise 2007: Soubor C:\Program Files\Microsoft Office\Office12\OLMAPI32.DLL je používán jiným procesem (Název: jqs , ID: 148).

Record Number: 1298
Source Name: MsiInstaller
Time Written: 20101216133623.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=1c0a
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"PSModulePath"=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Havěť - pravděpodbně vir z FB

#4 Příspěvek od Caroprd111 »

Protože je nelegální, licenci jste nekupoval. :whip:

Podle pravidel fóra se zde nelegálním softwarem nezabýváme - nelegální programy představují bezpečnostní hrozbu a navíc tím porušujete zákon. :spam:

Co s tím uděláte?
Obrázek
Nahoru
kviki
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 11 čer 2007 10:23

Re: Havěť - pravděpodbně vir z FB

#5 Příspěvek od kviki »

Dam tam Avast free po odvirovani?
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Havěť - pravděpodbně vir z FB

#6 Příspěvek od Caroprd111 »

:thumbsup:


:arrow: Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
  • Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
*crack*
*keygen*
  • Označte položku Pro všechny uživatele.
  • Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
  • Klikněte na tlačítko Prohledat
  • Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Obrázek
Nahoru
kviki
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 11 čer 2007 10:23

Re: Havěť - pravděpodbně vir z FB

#7 Příspěvek od kviki »

OTL logfile created on: 19.8.2011 21:26:51 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Martina Dreslerová\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,11 Mb Total Physical Memory | 431,13 Mb Available Physical Memory | 42,51% Memory free
2,39 Gb Paging File | 1,93 Gb Available in Paging File | 80,96% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,01 Gb Total Space | 39,81 Gb Free Space | 49,76% Space Free | Partition Type: NTFS
Drive D: | 62,16 Gb Total Space | 6,73 Gb Free Space | 10,83% Space Free | Partition Type: NTFS
Drive E: | 298,02 Gb Total Space | 4,40 Gb Free Space | 1,48% Space Free | Partition Type: FAT32

Computer Name: MARTINKA | User Name: Martina Dreslerová | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.08.19 21:22:46 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martina Dreslerová\Plocha\OTL.exe
PRC - [2011.08.19 14:11:31 | 000,632,832 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
PRC - [2011.08.19 14:11:31 | 000,632,832 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
PRC - [2011.08.19 14:07:07 | 000,382,464 | ---- | M] () -- C:\WINDOWS\update.7.1\svchostdriver.exe
PRC - [2011.08.01 10:28:16 | 000,124,480 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.5\ICQ.exe
PRC - [2011.07.26 09:51:51 | 000,348,672 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
PRC - [2011.07.26 09:51:51 | 000,348,672 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
PRC - [2011.07.25 22:15:59 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
PRC - [2011.07.24 10:39:32 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
PRC - [2011.07.19 10:12:23 | 000,114,176 | ---- | M] () -- C:\WINDOWS\systemup.exe
PRC - [2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () -- C:\WINDOWS\update.tray-3-0-lnk\svchost.exe
PRC - [2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () -- C:\WINDOWS\update.tray-3-0\svchost.exe
PRC - [2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () -- C:\WINDOWS\update.1\svchost.exe
PRC - [2011.06.29 12:20:24 | 000,743,936 | ---- | M] (Ufasoft) -- C:\WINDOWS\ufa\ufa.exe
PRC - [2010.11.14 23:35:38 | 000,275,736 | ---- | M] (Lingea) -- C:\Program Files\Common Files\Lingea Shared\luc.exe
PRC - [2010.09.16 22:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.05.28 16:41:36 | 000,445,344 | ---- | M] (ASUS) -- C:\Program Files\EeePC\CapsHook\CapsHook.exe
PRC - [2010.05.17 10:40:22 | 001,246,632 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2010.03.25 09:30:52 | 000,402,096 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
PRC - [2010.01.29 20:18:52 | 000,751,592 | ---- | M] () -- C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe
PRC - [2009.06.26 13:13:00 | 000,118,784 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
PRC - [2009.05.08 16:54:20 | 000,098,304 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe
PRC - [2009.04.30 19:49:42 | 000,385,024 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.09.29 13:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


========== Modules (No Company Name) ==========

MOD - [2011.08.19 14:11:31 | 000,632,832 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
MOD - [2011.08.19 14:07:07 | 000,382,464 | ---- | M] () -- C:\WINDOWS\update.7.1\svchostdriver.exe
MOD - [2011.07.26 09:51:51 | 000,348,672 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
MOD - [2011.07.25 22:15:59 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
MOD - [2011.07.24 10:39:32 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
MOD - [2011.07.19 10:12:23 | 000,114,176 | ---- | M] () -- C:\WINDOWS\systemup.exe
MOD - [2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () -- C:\WINDOWS\update.tray-3-0-lnk\svchost.exe
MOD - [2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () -- C:\WINDOWS\update.tray-3-0\svchost.exe
MOD - [2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () -- C:\WINDOWS\update.1\svchost.exe
MOD - [2011.03.02 12:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010.09.16 22:04:50 | 000,095,528 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010.09.16 22:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.03.25 09:30:52 | 000,402,096 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
MOD - [2010.01.29 20:23:40 | 000,161,768 | ---- | M] () -- C:\Program Files\ASUS\LiveUpdate\Enumeration.dll
MOD - [2010.01.29 20:18:52 | 000,751,592 | ---- | M] () -- C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe
MOD - [2010.01.29 20:17:26 | 000,120,808 | ---- | M] () -- C:\Program Files\ASUS\LiveUpdate\ClientSocket.dll
MOD - [2009.08.28 01:29:08 | 000,182,240 | ---- | M] () -- C:\Program Files\ASUS\LiveUpdate\Parser.dll
MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NOD32krn)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.08.19 14:11:31 | 000,632,832 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.2\svchost.exe -- (srviecheck)
SRV - [2011.08.19 14:07:07 | 000,382,464 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.7.1\svchostdriver.exe -- (ddservice)
SRV - [2011.07.26 09:51:51 | 000,348,672 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.5.0\svchost.exe -- (srvbtcclient)
SRV - [2011.07.25 22:15:59 | 000,256,000 | ---- | M] () [Auto | Running] -- C:\WINDOWS\sysdriver32.exe -- (srvsysdriver32)
SRV - [2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () [Auto | Running] -- C:\WINDOWS\update.1\svchost.exe -- (wxpdrivers)
SRV - [2004.09.29 13:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2010.09.26 22:14:08 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2010.09.26 22:14:04 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2010.04.27 10:10:52 | 006,031,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.03.31 03:40:20 | 000,011,520 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2010.02.04 17:08:30 | 000,073,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtsuvc.sys -- (rtsuvc)
DRV - [2009.11.18 01:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 01:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.08.12 01:04:30 | 001,582,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009.08.06 07:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009.07.27 09:09:52 | 000,044,032 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2008.11.03 09:03:28 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008.04.08 18:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-650706524-2581852850-3483305715-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-650706524-2581852850-3483305715-1006\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-650706524-2581852850-3483305715-1006\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - File not found
IE - HKU\S-1-5-21-650706524-2581852850-3483305715-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2011.08.19 14:12:07 | 000,202,984 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 127.0.0.1 tl-ph.facebook.com
O1 - Hosts: 127.0.0.1 fo-fo.facebook.com
O1 - Hosts: 127.0.0.1 fr-fr.facebook.com
O1 - Hosts: 127.0.0.1 fy-nl.facebook.com
O1 - Hosts: 127.0.0.1 ga-ie.facebook.com
O1 - Hosts: 127.0.0.1 gl-es.facebook.com
O1 - Hosts: 127.0.0.1 ko-kr.facebook.com
O1 - Hosts: 50053 more lines...
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - File not found
O3 - HKU\S-1-5-21-650706524-2581852850-3483305715-1006\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - File not found
O4 - HKLM..\Run: [2046629.exe] C:\WINDOWS\TEMP\2046629.exe ()
O4 - HKLM..\Run: [2727915.exe] C:\WINDOWS\TEMP\2727915.exe ()
O4 - HKLM..\Run: [474558.exe] C:\WINDOWS\TEMP\474558.exe ()
O4 - HKLM..\Run: [79826616-loader2.exe] C:\WINDOWS\TEMP\79826616-loader2.exe ()
O4 - HKLM..\Run: [8049229.exe] C:\Documents and Settings\Martina Dreslerová\Local Settings\Temp\8049229.exe ()
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [CapsHook] C:\Program Files\EeePC\CapsHook\CapsHook.exe (ASUS)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EeeSplendidAgent] File not found
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [l1rezerv.exe] C:\WINDOWS\l1rezerv.exe ()
O4 - HKLM..\Run: [LiveUpdate] C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe ()
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [nod32kui] File not found
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [sysdriver32.exe] C:\WINDOWS\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\WINDOWS\sysdriver32_.exe ()
O4 - HKLM..\Run: [systemup] C:\WINDOWS\systemup.exe ()
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\WINDOWS\update.tray-3-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [UpdateReminder] File not found
O4 - HKLM..\Run: [w_distrib.exe] C:\WINDOWS\update.3\svchost.exe ()
O4 - HKLM..\Run: [wxpdrv] File not found
O4 - HKU\S-1-5-21-650706524-2581852850-3483305715-1006..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
O4 - HKU\S-1-5-21-650706524-2581852850-3483305715-1006..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SuperHybridEngine.lnk = C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O4 - Startup: C:\Documents and Settings\Martina Dreslerová\Nabídka Start\Programy\Po spuštění\Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe (Lingea)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-650706524-2581852850-3483305715-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/MARTIN~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.gif
O24 - Desktop Components:1 () - file:///C:/DOCUME~1/MARTIN~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg
O24 - Desktop Components:2 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Martina Dreslerová\Data aplikací\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Martina Dreslerová\Data aplikací\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.24 04:19:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.11.06 10:05:52 | 000,000,088 | ---- | M] () - E:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{8bb1ec58-069f-11e0-a391-20cf303d6c92}\Shell\AutoRun\command - "" = E:\installer.exe
O33 - MountPoints2\{8bb1ec58-069f-11e0-a391-20cf303d6c92}\Shell\verb\command - "" = E:\installer.exe
O33 - MountPoints2\{9bd2a65e-e1fb-11df-a334-20cf303d6c92}\Shell\AutoRun\command - "" = WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - ff_vfw.dll File not found
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\PROGRA~1\MpcStar\Codecs\tscc\tsccvid.dll File not found
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.08.19 21:25:14 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Martina Dreslerová\Plocha\OTL.exe
[2011.08.19 18:43:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Malwarebytes
[2011.08.19 18:43:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.08.19 18:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.08.19 18:43:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.08.19 18:43:26 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.08.19 18:43:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.08.19 16:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.08.19 16:03:51 | 000,000,000 | ---D | C] -- C:\rsit
[2011.08.19 14:54:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Adobe
[2011.08.19 14:07:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.7.1
[2011.08.04 09:53:03 | 000,000,000 | ---D | C] -- C:\Program Files\SHARP
[2011.08.04 09:52:45 | 000,098,304 | ---- | C] (SHARP CORPORATION) -- C:\WINDOWS\System32\SN0ELMON.dll
[2011.08.04 09:52:45 | 000,045,056 | ---- | C] (SHARP CORPORATION) -- C:\WINDOWS\System32\SN0EMTNT.dll
[2011.08.04 09:52:21 | 000,077,492 | ---- | C] (SHARP CORPORATION) -- C:\WINDOWS\System32\SCN2PM.dll
[2011.08.04 09:52:21 | 000,053,248 | ---- | C] (SHARP CORPORATION) -- C:\WINDOWS\System32\SCN2PMR.dll
[2011.08.04 09:52:21 | 000,051,855 | ---- | C] (SHARP CORPORATION) -- C:\WINDOWS\System32\SCN2PMUI.dll
[2011.08.04 09:51:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SCDRV
[2011.08.04 09:51:18 | 000,000,000 | ---D | C] -- C:\Drivers
[2011.07.24 17:30:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.3
[2011.07.24 10:10:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011.07.22 11:32:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\HypoKalk
[2011.07.22 11:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Komerční banka
[2011.07.22 11:31:09 | 000,000,000 | ---D | C] -- C:\Program Files\Komerční Banka
[2010.10.15 15:04:15 | 007,271,080 | ---- | C] (Gretech Corporation) -- C:\Program Files\GOMPLAYERENSETUP.EXE
[2009.11.04 08:53:14 | 000,013,880 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\kbfiltr.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.08.19 21:30:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.08.19 21:22:46 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martina Dreslerová\Plocha\OTL.exe
[2011.08.19 18:43:30 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.08.19 15:55:00 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Martina Dreslerová\Plocha\RSIT.exe
[2011.08.19 14:11:33 | 000,000,245 | ---- | M] () -- C:\WINDOWS\info1
[2011.08.19 13:56:21 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.08.19 13:56:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.08.18 22:48:31 | 000,134,144 | ---- | M] () -- C:\Documents and Settings\Martina Dreslerová\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.18 09:28:25 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.08.11 21:15:53 | 000,445,098 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.08.11 21:15:53 | 000,442,078 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.08.11 21:15:53 | 000,084,710 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.08.11 21:15:53 | 000,072,974 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.08.11 21:11:17 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.08.04 14:22:18 | 000,000,215 | ---- | M] () -- C:\boot.ini
[2011.07.25 22:15:59 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32_.exe
[2011.07.25 22:15:59 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
[2011.07.25 17:08:54 | 005,969,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2011.07.24 10:39:32 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
[2011.07.24 10:11:20 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.19 21:30:00 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.08.19 18:43:30 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.08.19 16:03:44 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Martina Dreslerová\Plocha\RSIT.exe
[2011.08.04 14:22:19 | 000,000,855 | ---- | C] () -- C:\Documents and Settings\Martina Dreslerová\Nabídka Start\Programy\Po spuštění\Lingea Update Center.lnk
[2011.08.04 14:22:19 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SuperHybridEngine.lnk
[2011.08.04 09:52:48 | 000,008,698 | ---- | C] () -- C:\WINDOWS\font2.sii
[2011.08.04 09:52:48 | 000,004,907 | ---- | C] () -- C:\WINDOWS\font1.sii
[2011.08.04 09:52:45 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\SN0ELMON.dat
[2011.08.04 09:52:45 | 000,000,074 | ---- | C] () -- C:\WINDOWS\System32\SN0ELMON.mtx
[2011.08.04 09:52:43 | 000,009,834 | ---- | C] () -- C:\WINDOWS\System32\SN0EUD61.MCF
[2011.08.04 09:52:27 | 000,159,836 | ---- | C] () -- C:\WINDOWS\_isusr32.dll
[2011.08.04 09:52:25 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\_isusr2k.dll
[2011.08.04 09:52:21 | 000,042,138 | ---- | C] () -- C:\WINDOWS\System32\SCN2PM.chm
[2011.08.04 09:52:21 | 000,000,397 | ---- | C] () -- C:\WINDOWS\System32\SCN2PM.DAT
[2011.07.24 10:10:22 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2011.07.24 10:10:21 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader 9.lnk
[2011.07.19 10:12:58 | 000,232,960 | ---- | C] () -- C:\WINDOWS\l1rezerv.exe
[2011.07.19 10:12:31 | 000,114,176 | ---- | C] () -- C:\WINDOWS\systemup.exe
[2011.07.19 09:59:29 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
[2011.07.19 09:41:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok
[2011.07.19 09:41:16 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32_.exe
[2011.07.19 09:41:02 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32.exe
[2011.07.18 21:20:28 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ReminderNextRun
[2011.06.03 20:29:20 | 000,260,531 | ---- | C] () -- C:\WINDOWS\imgcvt.dat
[2011.05.20 20:32:14 | 000,192,456 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.05.20 19:16:58 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Martina Dreslerová\Local Settings\Data aplikací\Model_hp.ini
[2011.05.20 19:05:05 | 000,000,855 | ---- | C] () -- C:\Documents and Settings\Martina Dreslerová\Local Settings\Data aplikací\User_hp.cds
[2011.03.06 22:36:08 | 000,068,509 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2011.03.06 22:36:08 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat
[2010.12.05 12:47:24 | 000,002,439 | ---- | C] () -- C:\Program Files\Microsoft Office PowerPoint 2007 (2).lnk
[2010.12.05 00:01:01 | 000,293,160 | ---- | C] () -- C:\Program Files\SoftonicDownloader_for_vlc-media-player.exe
[2010.11.20 17:16:10 | 000,001,475 | ---- | C] () -- C:\Program Files\DivX Movies.lnk
[2010.09.27 23:21:55 | 000,000,815 | ---- | C] () -- C:\Program Files\Spustit prohlížeč Internet Explorer.lnk
[2010.09.26 22:15:22 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2010.09.04 14:41:42 | 000,134,144 | ---- | C] () -- C:\Documents and Settings\Martina Dreslerová\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.03 18:53:26 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.09.02 20:30:45 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.01 19:26:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\wklnhst.dat
[2010.08.31 00:31:11 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Martina Dreslerová\Local Settings\Data aplikací\fusioncache.dat
[2010.08.31 00:28:32 | 000,004,692 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2010.08.31 00:28:32 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2010.07.08 08:33:18 | 000,025,616 | ---- | C] () -- C:\WINDOWS\AsAcpiSvrLang.ini
[2010.07.08 08:33:18 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini
[2010.03.18 04:51:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010.03.18 01:55:51 | 000,040,960 | ---- | C] () -- C:\WINDOWS\uvcrecordfix.exe
[2010.03.18 01:55:51 | 000,024,576 | ---- | C] () -- C:\WINDOWS\Sleep.exe
[2010.03.18 01:51:56 | 000,011,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsUpIO.sys
[2010.03.18 01:51:46 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2010.03.18 01:48:49 | 000,013,930 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2009.12.24 04:21:29 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.12.24 04:17:31 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009.12.23 20:13:57 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.12.23 20:13:06 | 000,346,608 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.12.23 20:07:27 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009.12.23 20:07:23 | 000,442,078 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2009.12.23 20:07:23 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2009.12.23 20:07:23 | 000,084,710 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2009.12.23 20:07:23 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2009.12.23 20:07:17 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009.12.23 20:07:16 | 000,445,098 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009.12.23 20:07:16 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009.12.23 20:07:16 | 000,072,974 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009.12.23 20:07:16 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009.12.23 20:07:16 | 000,004,562 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009.12.23 20:07:15 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009.12.23 20:07:15 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009.12.23 20:07:13 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009.12.23 20:07:13 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009.12.23 20:07:11 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009.12.23 20:07:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

========== LOP Check ==========

[2010.11.24 22:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
[2010.03.18 02:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EBI
[2011.05.12 11:57:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.05.12 06:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OberonGameConsole
[2010.03.18 01:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ralink Driver
[2010.03.18 02:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\RSMR
[2011.06.08 10:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Azuon
[2010.11.24 01:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\BitComet
[2011.07.22 19:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\BitTorrent
[2010.11.23 00:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\CometPlayer
[2011.07.22 11:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\HypoKalk
[2011.08.19 13:56:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\ICQ
[2010.11.20 19:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\PriceGong
[2010.11.23 00:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Template
[2010.11.22 18:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\tigerplayer

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MsnMsgr" = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background -- [2010.04.16 22:12:28 | 003,872,080 | ---- | M] (Microsoft Corporation)
"ICQ" = "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4 -- [2011.08.01 10:28:16 | 000,124,480 | ---- | M] (ICQ, LLC.)
"Eee Docking" = C:\Program Files\ASUS\Eee Docking\Eee Docking.exe -- [2010.03.25 09:30:52 | 000,402,096 | ---- | M] ()


< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\I386\AUTOCHK.EXE
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CSRSS.EXE >
[2008.04.14 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
[2008.04.14 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\dllcache\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NTFS.SYS >
[2008.04.14 14:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\I386\NTFS.SYS
[2008.04.14 14:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008.04.14 14:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 14:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\WINDOWS\I386\SYSTEM32\SMSS.EXE

< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2011.08.19 14:11:31 | 000,632,832 | ---- | M] () MD5=0CD76DB73F3108CDB413EE8239212ECE -- C:\WINDOWS\update.2\svchost.exe
[2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () MD5=263BCC68E573D1DC4E9DB4BC5C13E9F0 -- C:\WINDOWS\update.1\svchost.exe
[2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () MD5=263BCC68E573D1DC4E9DB4BC5C13E9F0 -- C:\WINDOWS\update.tray-3-0\svchost.exe
[2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () MD5=263BCC68E573D1DC4E9DB4BC5C13E9F0 -- C:\WINDOWS\update.tray-3-0-lnk\svchost.exe
[2011.07.26 09:51:51 | 000,348,672 | ---- | M] () MD5=6EECAB7626BABA17DB082754B5E8C5CE -- C:\WINDOWS\update.5.0\svchost.exe
[2011.08.16 08:30:09 | 000,273,920 | ---- | M] () MD5=8A02143977854E47EA8674B1C7F41564 -- C:\WINDOWS\update.3\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006.10.27 04:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2008.04.08 07:16:46 | 000,001,205 | ---- | M] () -- C:\WINDOWS\system32\drivers\AsusACPI.inf
[2008.04.14 14:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2008.04.14 14:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2008.04.14 08:52:58 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kstvtune.ax
[2008.04.14 08:52:58 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kswdmcap.ax
[2008.04.14 08:52:58 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ksxbar.ax
[2010.03.18 01:50:10 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010.05.12 07:50:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.03.18 01:50:16 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2010.05.12 07:50:22 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.04.06 08:58:54 | 000,000,008 | ---- | M] () -- C:\WINDOWS\system32\drivers\rtkhdaud.dat
[2009.12.30 11:58:00 | 000,004,692 | ---- | M] () -- C:\WINDOWS\system32\drivers\SamSfPa.dat
[2008.04.14 08:52:06 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\vfwwdm32.dll
[2008.04.14 08:52:58 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\vidcap.ax

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2011.08.19 13:56:21 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2009.12.23 20:12:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.12.23 20:12:52 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.12.23 20:12:52 | 000,487,424 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[20 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[219 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2009.12.23 20:13:40 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2011.03.06 22:41:36 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\hpzinstall.log
[2011.07.18 21:20:28 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\ReminderNextRun

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2010.11.20 17:14:13 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\ASPEncoder\Uninstaller.exe
[2010.11.20 17:14:27 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\ControlPanel\Uninstaller.exe
[2010.11.20 17:14:41 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\Converter\Uninstaller.exe
[2010.11.20 17:14:43 | 000,054,153 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\DFXPlugin\Uninstaller.exe
[2010.11.20 17:14:47 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\DivXDecoderShortcut\Uninstaller.exe
[2010.11.20 17:16:10 | 000,056,765 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\DivXPlusShortcuts\Uninstaller.exe
[2010.11.20 17:14:46 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\DSAACDecoder\Uninstaller.exe
[2010.11.20 17:14:48 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\DSASPDecoder\Uninstaller.exe
[2010.11.20 17:14:53 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\DSAVCDecoder\Uninstaller.exe
[2010.11.20 17:14:53 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\DSDesktopComponents\Uninstaller.exe
[2010.11.20 17:14:28 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\MPEG2Plugin\Uninstaller.exe
[2010.11.20 17:14:26 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\MSVC80CRTRedist\Uninstaller.exe
[2010.11.20 17:15:52 | 000,057,736 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\Player\Uninstaller.exe
[2010.11.20 17:14:19 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\Qt4.5\Uninstaller.exe
[2010.11.20 17:04:06 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\DivX\RunAsUser\RUNASUSERPROCESS.exe
[2010.11.20 17:03:57 | 000,876,824 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\Setup\DivXSetup.exe
[2010.11.20 17:14:40 | 000,054,644 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\TranscodeEngine\Uninstaller.exe
[2010.11.20 17:14:57 | 000,084,038 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\TransferWizard\Uninstaller.exe
[2010.11.20 17:15:53 | 000,053,600 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\Update\Uninstaller.exe
[2010.11.20 17:16:09 | 000,056,997 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\WebPlayer\Uninstaller.exe
[2010.04.08 18:10:46 | 000,207,760 | ---- | M] (Oberon Media Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\OberonGameConsole\Asus\OberonMediaAutoUpdate.exe
[2008.08.07 01:31:14 | 000,528,384 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Ralink Driver\RT2860 Wireless LAN Card\Driver\RaInst.exe

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.05.31 10:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Adobe
[2011.06.08 10:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Azuon
[2010.11.24 01:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\BitComet
[2011.07.22 19:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\BitTorrent
[2010.11.23 00:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\CometPlayer
[2010.11.20 19:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\DivX
[2010.10.15 15:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\GRETECH
[2011.07.22 11:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\HypoKalk
[2011.08.19 13:56:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\ICQ
[2009.12.24 04:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Identities
[2010.03.18 01:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\InstallShield
[2010.09.01 22:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Macromedia
[2011.08.19 18:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Malwarebytes
[2011.04.11 18:10:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Microsoft
[2010.09.14 18:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Mozilla
[2010.11.20 19:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\PriceGong
[2011.08.18 11:49:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Skype
[2011.07.03 09:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\skypePM
[2010.11.20 20:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Sun
[2010.11.23 00:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Template
[2010.11.22 18:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\tigerplayer
[2011.01.24 20:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\vlc
[2011.01.20 01:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Winamp
[2011.03.29 10:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\WinRAR

< %APPDATA%\*.* >
[2009.12.23 20:13:40 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\desktop.ini
[2010.09.01 19:26:44 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\wklnhst.dat

< %APPDATA%\*.exe /s >
[2011.03.04 12:27:58 | 000,004,286 | R--- | M] () -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Microsoft\Installer\{E9232C0D-6588-41FF-9769-DBB3964464BD}\_2B383C469B29B8AE122E1F.exe
[2011.03.04 12:27:58 | 000,004,286 | R--- | M] () -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Microsoft\Installer\{E9232C0D-6588-41FF-9769-DBB3964464BD}\_6FEFF9B68218417F98F549.exe
[2011.03.04 12:27:58 | 000,004,286 | R--- | M] () -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\Microsoft\Installer\{E9232C0D-6588-41FF-9769-DBB3964464BD}\_D38CA30FDE8DFEA436E510.exe

< %SYSTEMDRIVE%\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-11 19:16:07

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
No captured output from command...

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< *crack* >

< *keygen* >

< End of report >
Nahoru
kviki
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 11 čer 2007 10:23

Re: Havěť - pravděpodbně vir z FB

#8 Příspěvek od kviki »

OTL Extras logfile created on: 19.8.2011 21:26:51 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Martina Dreslerová\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,11 Mb Total Physical Memory | 431,13 Mb Available Physical Memory | 42,51% Memory free
2,39 Gb Paging File | 1,93 Gb Available in Paging File | 80,96% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,01 Gb Total Space | 39,81 Gb Free Space | 49,76% Space Free | Partition Type: NTFS
Drive D: | 62,16 Gb Total Space | 6,73 Gb Free Space | 10,83% Space Free | Partition Type: NTFS
Drive E: | 298,02 Gb Total Space | 4,40 Gb Free Space | 1,48% Space Free | Partition Type: FAT32

Computer Name: MARTINKA | User Name: Martina Dreslerová | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-650706524-2581852850-3483305715-1006\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"DisableThumbnailCache" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"80:TCP" = 80:TCP:*:Disabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"24654:TCP" = 24654:TCP:*:Enabled:BitComet 24654 TCP
"24654:UDP" = 24654:UDP:*:Enabled:BitComet 24654 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Documents and Settings\Martina Dreslerová\Local Settings\Temporary Internet Files\Content.IE5\W1B27QE5\Flash-Player[1].exe" = C:\Documents and Settings\Martina Dreslerová\Local Settings\Temporary Internet Files\Content.IE5\W1B27QE5\Flash-Player[1].exe:*:Enabled:C:\Documents and Settings\Martina Dreslerová\Local Settings\Temporary Internet Files\Content.IE5\W1B27QE5\Flash-Player[1].exe
"C:\WINDOWS\update.1\svchost.exe" = C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe -- ()
"C:\WINDOWS\update.tray-3-0\svchost.exe" = C:\WINDOWS\update.tray-3-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-3-0\svchost.exe -- ()
"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe -- ()
"C:\WINDOWS\update.3\svchost.exe" = C:\WINDOWS\update.3\svchost.exe:*:Enabled:C:\WINDOWS\update.3\svchost.exe -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{40284D5A-EF61-4937-92CD-B7CB20C4C87B}" = Windows Live Fotogalerie
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B5092B6-F231-4D18-83BC-2618B729CA45}" = CapsHook
"{5469D537-9B44-4c78-BF2D-5F9807564F74}" = HP PSC & OfficeJet 4.7
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{59CF12E3-C3C3-41DD-87EE-994BEF811C02}" = Expert
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7CF94476-77F9-401E-BEB5-845285735AAB}" = Windows Live Zabezpečení rodiny
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT2860 Wireless LAN Card
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{998C31A1-0FE0-4C33-877C-C6DA1376B24D}" = Hypoteční kalkulačka
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C72CA49A-9237-4810-8449-45DA3BD26D64}" = EzMessenger
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6557BF-FA56-4C95-91E3-B8C641679DF0}" = Windows Live Messenger
"{D44AA979-47C2-4BC0-A860-09A54224EA44}_is1" = Game Park Console
"{D6A1D7F6-79CB-4159-AF03-F21F28080B97}" = Windows Live Toolbar
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D802DD00-16A8-4A58-AFC9-020C2380ECDA}" = EeeSplendid
"{D806E63B-0C11-4061-8DA9-1E980FB9A9EB}" = Data Sync
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v2.1
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = USB2.0 UVC VGA WebCam
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E9232C0D-6588-41FF-9769-DBB3964464BD}" = Azuon
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}" = ebi.BookReader3J
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ASUS VIBE" = ASUS VIBE
"conduitEngine" = Conduit Engine
"DivX Setup.divx.com" = DivX Setup
"Eee Docking_is1" = Eee Docking 1.3.12.0
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GOM Player" = GOM Player
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Photo & Imaging" = HP Image Zone 4.7
"ie8" = Windows Internet Explorer 8
"InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"Kalkulátory_is1" = ČSOBP Kalkulátory 1.4.5.0 (BALÍČEK 8)
"Lexicon5" = Lingea Lexicon 5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NOD32" = Antivirový systém NOD32
"SHARP MX-2300 2700 3500 4500 Series PCL PS Printer Driver" = SHARP MX/DX Series PCL/PS Printer Driver
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-650706524-2581852850-3483305715-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3.7.2011 3:04:56 | Computer Name = MARTINKA | Source = MsiInstaller | ID = 10005
Description = Produkt: Windows Live Mail - Instalační služba zjistila neočekávanou
chybu při instalaci tohoto balíčku. S balíčkem mohou být potíže. Kód chyby je 2762.
Argumenty jsou: , ,

Error - 3.7.2011 3:05:01 | Computer Name = MARTINKA | Source = MsiInstaller | ID = 10005
Description = Produkt: Windows Live Communications Platform - Instalační služba
zjistila neočekávanou chybu při instalaci tohoto balíčku. S balíčkem mohou být potíže.
Kód chyby je 2762. Argumenty jsou: , ,

Error - 3.7.2011 3:05:01 | Computer Name = MARTINKA | Source = MsiInstaller | ID = 10005
Description = Produkt: Windows Live Communications Platform - Instalační služba
zjistila neočekávanou chybu při instalaci tohoto balíčku. S balíčkem mohou být potíže.
Kód chyby je 2762. Argumenty jsou: , ,

Error - 7.7.2011 5:06:15 | Computer Name = MARTINKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace msnmsgr.exe, verze 14.0.8117.416, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 10.7.2011 16:29:46 | Computer Name = MARTINKA | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.19088, adresa chyby 0x000da56c.

Error - 14.7.2011 5:09:57 | Computer Name = MARTINKA | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
imon.dll, verze 2.70.32.0, adresa chyby 0x0002472a.

Error - 2.8.2011 7:03:30 | Computer Name = MARTINKA | Source = MsiInstaller | ID = 11305
Description = Produkt: Expert – Chyba 1305Při čtení souboru C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\Rar$EX18.496\v.2.0.26\AEGON
Expert 2.0.26.msi došlo k chybě. Systémová chyba 1008. Ověřte, zda soubor existuje
a máte k němu přístup.

Error - 2.8.2011 7:03:32 | Computer Name = MARTINKA | Source = MsiInstaller | ID = 11305
Description = Produkt: Expert – Chyba 1305Při čtení souboru C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\Rar$EX18.496\v.2.0.26\AEGON
Expert 2.0.26.msi došlo k chybě. Systémová chyba 1008. Ověřte, zda soubor existuje
a máte k němu přístup.

Error - 2.8.2011 7:03:35 | Computer Name = MARTINKA | Source = MsiInstaller | ID = 11305
Description = Produkt: Expert – Chyba 1305Při čtení souboru C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\Rar$EX18.496\v.2.0.26\AEGON
Expert 2.0.26.msi došlo k chybě. Systémová chyba 1008. Ověřte, zda soubor existuje
a máte k němu přístup.

Error - 2.8.2011 7:03:37 | Computer Name = MARTINKA | Source = MsiInstaller | ID = 11305
Description = Produkt: Expert – Chyba 1305Při čtení souboru C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\Rar$EX18.496\v.2.0.26\AEGON
Expert 2.0.26.msi došlo k chybě. Systémová chyba 1008. Ověřte, zda soubor existuje
a máte k němu přístup.

[ OSession Events ]
Error - 26.4.2011 13:39:06 | Computer Name = MARTINKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6564
seconds with 240 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 18.8.2011 3:25:18 | Computer Name = MARTINKA | Source = PSched | ID = 14103
Description = Služba QoS [Adaptér {49CD32AD-D565-4302-B26E-D46701A20029}]: Ovladači
síťové karty se nezdařil dotaz na OID_GEN_LINK_SPEED.

Error - 18.8.2011 8:29:27 | Computer Name = MARTINKA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.63 pro síťovou kartu s adresou 74F06D09BEB2
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 18.8.2011 8:29:29 | Computer Name = MARTINKA | Source = Service Control Manager | ID = 7000
Description = Služba AMON neuspěla při spuštění v důsledku následující chyby: %%2

Error - 18.8.2011 8:29:29 | Computer Name = MARTINKA | Source = Service Control Manager | ID = 7000
Description = Služba NOD32 Kernel Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 18.8.2011 16:11:07 | Computer Name = MARTINKA | Source = Service Control Manager | ID = 7000
Description = Služba AMON neuspěla při spuštění v důsledku následující chyby: %%2

Error - 18.8.2011 16:11:07 | Computer Name = MARTINKA | Source = Service Control Manager | ID = 7000
Description = Služba NOD32 Kernel Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 19.8.2011 3:29:42 | Computer Name = MARTINKA | Source = Service Control Manager | ID = 7000
Description = Služba AMON neuspěla při spuštění v důsledku následující chyby: %%2

Error - 19.8.2011 3:29:42 | Computer Name = MARTINKA | Source = Service Control Manager | ID = 7000
Description = Služba NOD32 Kernel Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 19.8.2011 7:56:18 | Computer Name = MARTINKA | Source = Service Control Manager | ID = 7000
Description = Služba AMON neuspěla při spuštění v důsledku následující chyby: %%2

Error - 19.8.2011 7:56:18 | Computer Name = MARTINKA | Source = Service Control Manager | ID = 7000
Description = Služba NOD32 Kernel Service neuspěla při spuštění v důsledku následující
chyby: %%2


< End of report >
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Havěť - pravděpodbně vir z FB

#9 Příspěvek od Caroprd111 »

:arrow: Znovu spusťte OTL a do spodního bílého okna vložte následující skript. Poté klikněte na Opravit, PC se restartuje, výsledný log vložte sem.

Kód: Vybrat vše

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

:OTL
MOD - [2011.08.19 14:11:31 | 000,632,832 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
MOD - [2011.08.19 14:07:07 | 000,382,464 | ---- | M] () -- C:\WINDOWS\update.7.1\svchostdriver.exe
MOD - [2011.07.26 09:51:51 | 000,348,672 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
MOD - [2011.07.25 22:15:59 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
MOD - [2011.07.24 10:39:32 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
MOD - [2011.07.19 10:12:23 | 000,114,176 | ---- | M] () -- C:\WINDOWS\systemup.exe
MOD - [2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () -- C:\WINDOWS\update.tray-3-0-lnk\svchost.exe
MOD - [2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () -- C:\WINDOWS\update.tray-3-0\svchost.exe
MOD - [2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () -- C:\WINDOWS\update.1\svchost.exe
SRV - File not found [Auto | Stopped] -- -- (NOD32krn)
SRV - [2011.08.19 14:11:31 | 000,632,832 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.2\svchost.exe -- (srviecheck)
SRV - [2011.08.19 14:07:07 | 000,382,464 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.7.1\svchostdriver.exe -- (ddservice)
SRV - [2011.07.26 09:51:51 | 000,348,672 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.5.0\svchost.exe -- (srvbtcclient)
SRV - [2011.07.25 22:15:59 | 000,256,000 | ---- | M] () [Auto | Running] -- C:\WINDOWS\sysdriver32.exe -- (srvsysdriver32)
SRV - [2011.07.19 09:28:47 | 001,150,976 | -H-- | M] () [Auto | Running] -- C:\WINDOWS\update.1\svchost.exe -- (wxpdrivers)
DRV - [2010.09.26 22:14:08 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2010.09.26 22:14:04 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
IE - HKU\S-1-5-21-650706524-2581852850-3483305715-1006\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-650706524-2581852850-3483305715-1006\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - File not found
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - File not found
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - File not found
O3 - HKU\S-1-5-21-650706524-2581852850-3483305715-1006\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - File not found
O4 - HKLM..\Run: [2046629.exe] C:\WINDOWS\TEMP\2046629.exe ()
O4 - HKLM..\Run: [2727915.exe] C:\WINDOWS\TEMP\2727915.exe ()
O4 - HKLM..\Run: [474558.exe] C:\WINDOWS\TEMP\474558.exe ()
O4 - HKLM..\Run: [79826616-loader2.exe] C:\WINDOWS\TEMP\79826616-loader2.exe ()
O4 - HKLM..\Run: [8049229.exe] C:\Documents and Settings\Martina Dreslerová\Local Settings\Temp\8049229.exe ()
O4 - HKLM..\Run: [EeeSplendidAgent] File not found
O4 - HKLM..\Run: [l1rezerv.exe] C:\WINDOWS\l1rezerv.exe ()
O4 - HKLM..\Run: [nod32kui] File not found
O4 - HKLM..\Run: [sysdriver32.exe] C:\WINDOWS\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\WINDOWS\sysdriver32_.exe ()
O4 - HKLM..\Run: [systemup] C:\WINDOWS\systemup.exe ()
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\WINDOWS\update.tray-3-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [UpdateReminder] File not found
O4 - HKLM..\Run: [w_distrib.exe] C:\WINDOWS\update.3\svchost.exe ()
O4 - HKLM..\Run: [wxpdrv] File not found
24 - Desktop Components:0 () - file:///C:/DOCUME~1/MARTIN~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.gif
O24 - Desktop Components:1 () - file:///C:/DOCUME~1/MARTIN~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg
O31 - SafeBoot: AlternateShell - services32.exe
[2011.08.19 14:07:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.7.1
[2011.08.04 09:51:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SCDRV
[2011.08.04 09:51:18 | 000,000,000 | ---D | C] -- C:\Drivers
[2011.07.24 17:30:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.3
[2011.08.19 14:11:33 | 000,000,245 | ---- | M] () -- C:\WINDOWS\info1
[2011.07.25 22:15:59 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32_.exe
[2011.07.25 22:15:59 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
[2011.07.24 10:39:32 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
[2011.07.19 10:12:58 | 000,232,960 | ---- | C] () -- C:\WINDOWS\l1rezerv.exe
[2011.07.19 10:12:31 | 000,114,176 | ---- | C] () -- C:\WINDOWS\systemup.exe
[2011.07.19 09:59:29 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
[2011.07.19 09:41:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok
[2011.07.19 09:41:16 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32_.exe
[2011.07.19 09:41:02 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32.exe
[2010.12.05 00:01:01 | 000,293,160 | ---- | C] () -- C:\Program Files\SoftonicDownloader_for_vlc-media-player.exe
[2010.09.26 22:15:22 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2010.09.02 20:30:45 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.01 19:26:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Martina Dreslerová\Data aplikací\wklnhst.dat
[2010.03.18 01:55:51 | 000,040,960 | ---- | C] () -- C:\WINDOWS\uvcrecordfix.exe
[2010.03.18 01:55:51 | 000,024,576 | ---- | C] () -- C:\WINDOWS\Sleep.exe
[20 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[219 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]


:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Martina Dreslerová\Local Settings\Temporary Internet Files\Content.IE5\W1B27QE5\Flash-Player[1].exe" =-
"C:\WINDOWS\update.1\svchost.exe" =-
"C:\WINDOWS\update.tray-3-0\svchost.exe" =-
"C:\WINDOWS\update.2\svchost.exe" =-
"C:\WINDOWS\update.3\svchost.exe" =-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NOD32" =-
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" =-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
Obrázek
Nahoru
kviki
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 11 čer 2007 10:23

Re: Havěť - pravděpodbně vir z FB

#10 Příspěvek od kviki »

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Havěť - pravděpodbně vir z FB

#11 Příspěvek od Caroprd111 »

Zkuste aplikovat skript v nouzovém režimu (po restartu mačkejte F8).
Obrázek
Nahoru
kviki
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 11 čer 2007 10:23

Re: Havěť - pravděpodbně vir z FB

#12 Příspěvek od kviki »

Po najeti nouzoveho rezimu (plocha najede) se po cca po jedne minute sam restartne (i bez jakehokoliv zasahu). Takze test tam nejde spustit.
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Havěť - pravděpodbně vir z FB

#13 Příspěvek od Caroprd111 »

Pokračujte podle návodu: http://www.bleepingcomputer.com/combofi ... t-combofix
Obrázek
Nahoru
kviki
Návštěvník
Návštěvník
Příspěvky: 100
Registrován: 11 čer 2007 10:23

Re: Havěť - pravděpodbně vir z FB

#14 Příspěvek od kviki »

ComboFix 11-08-19.02 - Martina Dreslerová 19.08.2011 22:34:24.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.535 [GMT 2:00]
Spuštěný z: c:\documents and settings\Martina Dreslerovß\Plocha\ComboFix.exe
AV: Eset NOD32 Antivirus 2.70 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\FullRemove.exe
c:\windows\phoenix
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\rpcminer
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\sysdriver32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\service
c:\windows\system32\service\03092010_TIS17_SfFniAU.log
c:\windows\system32\service\04092010_TIS17_SfFniAU.log
c:\windows\system32\service\05092010_TIS17_SfFniAU.log
c:\windows\system32\service\09092010_TIS17_SfFniAU.log
c:\windows\system32\service\11092010_TIS17_PccScan.log
c:\windows\system32\service\11092010_TIS17_SfFniAU.log
c:\windows\system32\service\12052010_TIS17_PccScan.log
c:\windows\system32\service\12092010_TIS17_PccScan.log
c:\windows\system32\service\23092010_TIS17_PccScan.log
c:\windows\system32\service\27092010_TIS17_SfFniAU.log
c:\windows\update.1
c:\windows\update.1\svchost.exe
c:\windows\update.2
c:\windows\update.2\svchost.exe
c:\windows\update.3
c:\windows\update.3\svchost.exe
c:\windows\update.5.0
c:\windows\update.5.0\svchost.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SRVBTCCLIENT
-------\Legacy_SRVIECHECK
-------\Legacy_SRVSYSDRIVER32
-------\Legacy_WXPDRIVERS
-------\Service_srvbtcclient
-------\Service_srviecheck
-------\Service_srvsysdriver32
-------\Service_wxpdrivers
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-19 do 2011-08-19 )))))))))))))))))))))))))))))))
.
.
2011-08-19 20:09 . 2011-08-19 20:09 -------- d-----w- c:\documents and settings\Administrator
2011-08-19 19:55 . 2011-08-19 19:55 -------- d-----w- C:\_OTL
2011-08-19 19:30 . 2011-08-19 19:30 512 ----a-w- C:\PhysicalMBR.bin
2011-08-19 16:43 . 2011-08-19 16:43 -------- d-----w- c:\documents and settings\Martina Dreslerová\Data aplikací\Malwarebytes
2011-08-19 16:43 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-19 16:43 . 2011-08-19 16:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-08-19 16:43 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-19 16:43 . 2011-08-19 16:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-19 14:03 . 2011-08-19 14:04 -------- d-----w- c:\program files\trend micro
2011-08-19 14:03 . 2011-08-19 14:04 -------- d-----w- C:\rsit
2011-08-19 12:09 . 2011-08-19 12:09 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2011-08-19 12:07 . 2011-08-19 12:07 -------- d--h--w- c:\windows\update.7.1
2011-08-04 07:53 . 2011-08-04 07:53 -------- d-----w- c:\program files\SHARP
2011-08-04 07:52 . 2008-10-29 12:18 98304 ----a-w- c:\windows\system32\SN0ELMON.dll
2011-08-04 07:52 . 2007-04-17 14:11 45056 ----a-w- c:\windows\system32\SN0EMTNT.dll
2011-08-04 07:52 . 2009-05-22 09:35 159836 ----a-w- c:\windows\_isusr32.dll
2011-08-04 07:52 . 2004-04-12 14:17 45056 ------w- c:\windows\system32\_isusr2k.dll
2011-08-04 07:52 . 2009-01-29 14:36 77492 ----a-w- c:\windows\system32\SCN2PM.dll
2011-08-04 07:52 . 2007-05-31 15:00 51855 ----a-w- c:\windows\system32\SCN2PMUI.dll
2011-08-04 07:52 . 2006-02-06 09:24 53248 ----a-w- c:\windows\system32\SCN2PMR.dll
2011-08-04 07:51 . 2011-08-04 07:52 -------- d-----w- c:\windows\system32\SCDRV
2011-08-04 07:51 . 2011-08-04 07:51 -------- d-----w- C:\Drivers
2011-07-24 08:10 . 2011-07-24 08:10 -------- d-----w- c:\program files\Common Files\Adobe
2011-07-22 09:32 . 2011-07-22 09:32 -------- d-----w- c:\documents and settings\Martina Dreslerová\Data aplikací\HypoKalk
2011-07-22 09:31 . 2011-07-22 09:31 -------- d-----w- c:\program files\Komerční Banka
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-24 08:39 . 2011-07-19 08:12 232960 ----a-w- c:\windows\l1rezerv.exe
2011-07-19 08:31 . 2011-07-19 07:59 246272 ----a-w- c:\windows\unrar.exe
2011-07-19 08:12 . 2011-07-19 08:12 114176 ----a-w- c:\windows\systemup.exe
2011-07-15 13:29 . 2009-12-23 18:07 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2009-12-23 18:07 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2009-12-24 02:16 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2009-12-23 18:07 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2009-12-23 18:07 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2009-12-23 18:07 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2009-12-23 18:07 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2009-12-23 18:07 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2009-12-23 18:07 1858944 ----a-w- c:\windows\system32\win32k.sys
2010-12-04 22:01 . 2010-12-04 22:01 293160 ----a-w- c:\program files\SoftonicDownloader_for_vlc-media-player.exe
2010-10-15 13:04 . 2010-10-15 13:04 7271080 ----a-w- c:\program files\GOMPLAYERENSETUP.EXE
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 11:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"ICQ"="c:\program files\ICQ7.5\ICQ.exe" [2011-08-01 124480]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-03-25 402096]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-28 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-28 173592]
"LiveUpdate"="c:\program files\Asus\LiveUpdate\LiveUpdate.exe" [2010-01-29 751592]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-11-19 83240]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-05-12 2018032]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"CapsHook"="c:\program files\EeePC\CapsHook\CapsHook.exe" [2010-05-28 445344]
"RTHDCPL"="RTHDCPL.EXE" [2010-04-27 19523616]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-06-26 118784]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-05-08 98304]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-11-19 1594664]
"tray_ico0"="c:\windows\update.tray-3-0\svchost.exe" [2011-07-19 1150976]
"systemup"="c:\windows\systemup.exe" [2011-07-19 114176]
"l1rezerv.exe"="c:\windows\l1rezerv.exe" [2011-07-24 232960]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-28 141336]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2010-05-17 1246632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Martina Dreslerov \Nabˇdka Start\Programy\Po spuçtŘnˇ\
Lingea Update Center.lnk - c:\program files\Common Files\Lingea Shared\luc.exe [2010-11-14 275736]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2010-3-18 385024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Martina Dreslerová^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Martina Dreslerová\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\update.tray-3-0\\svchost.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"24654:TCP"= 24654:TCP:BitComet 24654 TCP
"24654:UDP"= 24654:UDP:BitComet 24654 UDP
.
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [18.3.2010 1:51 11520]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [26.9.2010 22:15 15424]
R2 ddservice;ddservice;c:\windows\update.7.1\svchostdriver.exe srv --> c:\windows\update.7.1\svchostdriver.exe srv [?]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [3.11.2009 10:34 44032]
R3 rtsuvc;Realtek USB2.0 PC Camera;c:\windows\system32\drivers\rtsuvc.sys [31.8.2010 0:29 73088]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [31.8.2010 0:28 1691480]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [23.12.2009 20:07 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.70.11
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\BitTorrentBar\tbBitT.dll
BHO-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\BitTorrentBar\tbBitT.dll
Toolbar-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\BitTorrentBar\tbBitT.dll
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - c:\program files\BitTorrentBar\tbBitT.dll
HKLM-Run-EeeSplendidAgent - c:\program files\ASUS\EPC\EeeSplendid\AsAgent.exe
HKLM-Run-nod32kui - c:\program files\Eset\nod32kui.exe
HKLM-Run-wxpdrv - c:\windows\services32.exe
HKLM-Run-tray_ico - (no file)
HKLM-Run-tray_ico1 - (no file)
HKLM-Run-tray_ico2 - (no file)
HKLM-Run-tray_ico3 - (no file)
HKLM-Run-tray_ico4 - (no file)
HKLM-Run-w_distrib.exe - c:\windows\update.3\svchost.exe
HKLM-Run-UpdateReminder - c:\program files\Eset\UpdateReminder.exe
SafeBoot-wxpdrivers
AddRemove-NOD32 - c:\program files\Eset\Setup\setup.exe
AddRemove-{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1 - c:\program files\Eset\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-19 22:43
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1704)
c:\windows\system32\webcheck.dll
c:\windows\system32\msls31.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\update.7.1\svchostdriver.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\update.7.1\svchostdriver.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Celkový čas: 2011-08-19 22:48:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-19 20:48
.
Před spuštěním: Volných bajtů: 43 499 257 856
Po spuštění: Volných bajtů: 43 348 680 704
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=AlwaysOff /fastdetect
.
- - End Of File - - 38F2E9250037F116FF4E7372C9598469
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Havěť - pravděpodbně vir z FB

#15 Příspěvek od Caroprd111 »

Obrázek Pokud nemáte, přesuňte Combofix na plochu
  • Otevřete si Poznámkový blok a zkopírujte do něj text z bílého okénka.

Kód: Vybrat vše

File::
c:\windows\l1rezerv.exe
c:\windows\unrar.exe
c:\windows\systemup.exe
c:\program files\SoftonicDownloader_for_vlc-media-player.exe
c:\program files\GOMPLAYERENSETUP.EXE

Folder::
c:\windows\update.7.1
c:\program files\ConduitEngine
c:\windows\update.tray-3-0

Driver::
ddservice

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Martina Dreslerová\Local Settings\Temporary Internet Files\Content.IE5\W1B27QE5\Flash-Player[1].exe" =-
"C:\WINDOWS\update.1\svchost.exe" =-
"C:\WINDOWS\update.tray-3-0\svchost.exe" =-
"C:\WINDOWS\update.2\svchost.exe" =-
"C:\WINDOWS\update.3\svchost.exe" =-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tray_ico0"=-
"systemup"=-
"l1rezerv.exe"=-
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
  • Uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
  • Po uložení uchopte vámi vytvořený skript levým myšítkem a přesuňte ho nad ikonu Combofixu, kde ho upustíte:

    Obrázek
  • Po aplikaci na Vás vypadne další log,vložte ho sem
Může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci
Obrázek
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“