For Motji...

rokony
Visitor
Posts: 67
Registered: 02 Nov 2011 18:09

Re: For Motji...

#16 Post by rokony »

So ComboFix froze again after finishing stage 50.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: For Motji...

#17 Post by motji »

And did you notice whether it deleted anything?
How does the PC look now?
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting your computer :!:

I am mostly available at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

rokony
Visitor
Posts: 67
Registered: 02 Nov 2011 18:09

Re: For Motji...

#18 Post by rokony »

It didn't delete anything, it simply got stuck after number 50. The PC seems fine, except that Office has stopped starting. :?:

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: For Motji...

#19 Post by motji »

I'd like to ask for an RSIT log, see my signature. :)

rokony
Visitor
Posts: 67
Registered: 02 Nov 2011 18:09

Re: For Motji...

#20 Post by rokony »

So here it is... Thank you!! Office XP stopped starting, so I reinstalled it with Office 2010, but that didn't solve anything; it still won't start.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dolní at 2011-12-10 13:47:05
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (14%) free of 20 GB
Total RAM: 768 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:47:42, on 10.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Documents and Settings\All Users\Data aplikací\bProtector\bProtect.exe
C:\Program Files\InstallBrainService\InstallBrainService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Data aplikací\bProtector\bProtect.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Dolní\Plocha\Testování\RSIT.exe
C:\Program Files\trend micro\Dolní.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
O2 - BHO: WindowShopper - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\SuperFish\Superfish.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
O2 - BHO: File2LinkIB - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - C:\Program Files\file2linkib\file2linkibX.dll
O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
O3 - Toolbar: File2LinkIB - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - C:\Program Files\file2linkib\file2linkibX.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [jusched] %APPDATA%\jusched.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: WindowShopper - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\SuperFish\Superfish.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Click here to support the xp-AntiSpy project. - {0e921e80-267a-42aa-aee4-60b9a1222a44} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O9 - Extra 'Tools' menuitem: Support for xp-AntiSpy - {0e921e80-267a-42aa-aee4-60b9a1222a44} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: bProtector - bProtector - C:\Documents and Settings\All Users\Data aplikací\bProtector\bProtect.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: InstallBrain Updater Service (InstallBrainService) - Unknown owner - C:\Program Files\InstallBrainService\InstallBrainService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe

--
End of file - 10662 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-12-13 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
UrlHelper Class - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll [2011-02-08 721840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]
WindowShopper - C:\Program Files\SuperFish\Superfish.dll [2011-11-17 279472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-06-17 119808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll [2011-11-11 1451336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b}]
File2LinkIB - C:\Program Files\file2linkib\file2linkibX.dll [2011-10-25 85288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
MediaBar - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll [2011-01-18 87480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-17 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-08-17 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - MediaBar - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll [2011-01-18 87480]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll [2011-11-11 1451336]
{c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - File2LinkIB - C:\Program Files\file2linkib\file2linkibX.dll [2011-10-25 85288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360]
"DATAMNGR"=C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE [2011-02-08 1114040]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-12-13 198160]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2011-10-24 2415456]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2011-10-28 218440]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-10-20 2497352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\53110717]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate]
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [2010-10-27 648536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M5T8QL3YW3]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-02-18 79192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-12-13 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~1\Office10\OSA.EXE [2001-02-13 83360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

C:\Documents and Settings\Dolní\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-19 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoAutoUpdate"=1
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"C:\Program Files\AVG\AVG2012\avgemcx.exe"="C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MIDI2"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"midi"=wdmaud.drv
"midi9"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll

======List of files/folders created in the last 1 month======

2011-12-07 22:40:18 ----D---- C:\Program Files\MSECache
2011-12-07 22:25:42 ----D---- C:\Documents and Settings\Dolní\Data aplikací\OpenOffice.org
2011-12-07 22:17:26 ----D---- C:\Program Files\OpenOffice.org 3
2011-12-07 22:15:06 ----A---- C:\WINDOWS\system32\javaws.exe
2011-12-07 22:15:06 ----A---- C:\WINDOWS\system32\javaw.exe
2011-12-07 22:15:06 ----A---- C:\WINDOWS\system32\java.exe
2011-12-07 22:11:06 ----SHD---- C:\Config.Msi
2011-12-07 21:28:05 ----D---- C:\WINDOWS\ShellNew
2011-12-03 13:48:49 ----SD---- C:\ComboFix
2011-12-02 16:30:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Fighters
2011-11-30 22:09:24 ----A---- C:\WINDOWS\PEV.exe
2011-11-30 22:09:23 ----A---- C:\WINDOWS\zip.exe
2011-11-30 22:09:23 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-11-30 22:09:23 ----A---- C:\WINDOWS\SWSC.exe
2011-11-30 22:09:23 ----A---- C:\WINDOWS\SWREG.exe
2011-11-30 22:09:23 ----A---- C:\WINDOWS\sed.exe
2011-11-30 22:09:23 ----A---- C:\WINDOWS\grep.exe
2011-11-29 23:08:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-11-29 23:07:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2011-11-29 22:41:05 ----A---- C:\WINDOWS\imsins.BAK
2011-11-29 22:40:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2011-11-29 21:11:51 ----ASH---- C:\hiberfil.sys
2011-11-29 20:59:56 ----D---- C:\WINDOWS\temp
2011-11-29 19:42:12 ----A---- C:\Boot.bak
2011-11-29 19:42:07 ----RASHD---- C:\cmdcons
2011-11-29 19:38:45 ----A---- C:\WINDOWS\NIRCMD.exe
2011-11-29 19:38:45 ----A---- C:\WINDOWS\MBR.exe
2011-11-29 19:35:27 ----A---- C:\WINDOWS\ntbtlog.txt
2011-11-29 19:26:32 ----D---- C:\WINDOWS\ERDNT
2011-11-29 19:26:16 ----D---- C:\Qoobox
2011-11-26 19:16:07 ----D---- C:\Program Files\trend micro
2011-11-26 19:16:02 ----D---- C:\rsit
2011-11-23 21:43:44 ----D---- C:\Program Files\Microsoft Bootvis
2011-11-23 21:32:31 ----D---- C:\Documents and Settings\Dolní\Data aplikací\PerformerSoft
2011-11-23 21:32:15 ----A---- C:\WINDOWS\system32\roboot.exe
2011-11-23 21:31:46 ----D---- C:\WINDOWS\system32\Extensions
2011-11-23 21:31:27 ----A---- C:\WINDOWS\system32\protector.dll
2011-11-23 21:31:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\bProtector
2011-11-23 21:30:28 ----D---- C:\Program Files\SuperFish
2011-11-23 21:30:01 ----D---- C:\Documents and Settings\Dolní\Data aplikací\file2linkib
2011-11-23 21:29:56 ----D---- C:\Program Files\file2linkib
2011-11-23 21:29:26 ----D---- C:\Program Files\InstallBrainService
2011-11-18 18:27:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\ZoomBrowser
2011-11-11 17:53:53 ----A---- C:\WINDOWS\system32\cmdcsr.dll

======List of files/folders modified in the last 1 month======

2011-12-10 13:08:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2011-12-10 13:08:34 ----D---- C:\WINDOWS\system32\drivers\AVG
2011-12-10 13:02:58 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-10 13:00:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-12-07 22:48:05 ----SHD---- C:\WINDOWS\Installer
2011-12-07 22:43:23 ----RSD---- C:\WINDOWS\Fonts
2011-12-07 22:42:58 ----D---- C:\Program Files\Microsoft Office
2011-12-07 22:42:43 ----RD---- C:\Program Files\Common Files\Microsoft Shared
2011-12-07 22:40:18 ----RD---- C:\Program Files
2011-12-07 22:22:23 ----RSD---- C:\WINDOWS\assembly
2011-12-07 22:15:09 ----D---- C:\WINDOWS\system32
2011-12-07 22:13:30 ----D---- C:\Program Files\Java
2011-12-07 22:11:19 ----D---- C:\WINDOWS\WinSxS
2011-12-07 21:32:14 ----A---- C:\WINDOWS\ODBC.INI
2011-12-07 21:28:05 ----D---- C:\WINDOWS
2011-12-07 21:22:55 ----D---- C:\WINDOWS\system
2011-12-07 20:44:22 ----D---- C:\Program Files\Common Files\Designer
2011-12-07 19:42:28 ----D---- C:\WINDOWS\Prefetch
2011-12-07 16:36:54 ----D---- C:\Program Files\Opera
2011-12-04 18:09:44 ----A---- C:\WINDOWS\WTRAN32.INI
2011-12-03 14:01:49 ----D---- C:\WINDOWS\system32\drivers
2011-12-03 14:01:36 ----D---- C:\WINDOWS\AppPatch
2011-12-03 14:00:49 ----RAD---- C:\Program Files\Common Files
2011-12-03 13:49:01 ----SHD---- C:\System Volume Information
2011-12-03 13:49:01 ----D---- C:\WINDOWS\system32\Restore
2011-12-02 17:13:57 ----HD---- C:\WINDOWS\inf
2011-12-01 23:05:06 ----D---- C:\WINDOWS\Microsoft.NET
2011-11-30 10:42:51 ----RSHD---- C:\WINDOWS\system32\dllcache
2011-11-29 23:04:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-11-29 22:42:32 ----A---- C:\WINDOWS\system32\MRT.exe
2011-11-29 22:10:51 ----D---- C:\Program Files\Crawler
2011-11-29 20:59:33 ----SHD---- C:\WINDOWS\CSC
2011-11-29 19:55:40 ----SHD---- C:\RECYCLED
2011-11-29 19:42:12 ----RASH---- C:\boot.ini
2011-11-29 19:38:57 ----SHD---- C:\RECYCLER
2011-11-29 19:35:47 ----D---- C:\Documents and Settings
2011-11-26 23:36:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-11-26 23:35:02 ----D---- C:\WINDOWS\Debug
2011-11-23 21:46:03 ----SD---- C:\WINDOWS\Tasks
2011-11-18 18:47:38 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-11-18 18:29:03 ----D---- C:\Program Files\Canon
2011-11-18 18:00:08 ----A---- C:\WINDOWS\ULead32.ini
2011-11-18 11:58:52 ----D---- C:\Program Files\DeadDiskDoctor
2011-11-11 19:51:36 ----D---- C:\Program Files\AVG Secure Search
2011-11-11 17:28:03 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-11-11 09:33:22 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-10-07 97760]
R0 sisagp;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-07-18 36992]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-10-07 492768]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-10-07 31704]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 Pv848;ProVideo, PV-956 WDM Video Capture; C:\WINDOWS\system32\drivers\Pv848.sys [2003-10-28 71151]
R2 PVTUNER;ProVideo, PV-956 WDM TvTuner; C:\WINDOWS\system32\drivers\PvTUNER.sys [2003-10-28 32930]
R2 PVXBAR;ProVideo, PV-956 WDM Crossbar; C:\WINDOWS\system32\drivers\PvXBAR.sys [2003-10-28 14352]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134608]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
R3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2008-04-13 32768]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-08-29 578304]
S3 catchme;catchme; \??\C:\DOCUME~1\Dolní\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys [2011-02-16 64000]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-19 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-19 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 bProtector;bProtector; C:\Documents and Settings\All Users\Data aplikací\bProtector\bProtect.exe [2011-11-23 803328]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2009-09-08 96334]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-10-07 1883328]
R2 InstallBrainService;InstallBrain Updater Service; C:\Program Files\InstallBrainService\InstallBrainService.exe [2011-11-23 273912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-08-17 153376]
R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 vToolbarUpdater;vToolbarUpdater; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2011-10-28 246600]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: For Motji...

#21 Post by motji »

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5 
- tick the All users box.
- tick the boxes for the "LOP" malware check and the "Purity" malware check
- Click the Scan button
- after the scan finishes, the logs OTL.Txt and Extras.txt will appear; post them here :)

rokony
Visitor
Posts: 67
Registered: 02 Nov 2011 18:09

Re: For Motji...

#22 Post by rokony »

The Extras.txt log was not created. I first ran the scan in safe mode and then in normal mode; Extras did not appear. The log created in safe mode differs, so I would rather post both.
First, OTL.txt from the normal boot: (the scan in normal mode was run only after the scan in safe mode)

OTL logfile created on: 11.12.2011 14:50:52 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = F:\Testovací prog
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

767,53 Mb Total Physical Memory | 301,45 Mb Available Physical Memory | 39,28% Memory free
1,71 Gb Paging File | 1,20 Gb Available in Paging File | 70,29% Paging File free
Paging file location(s): D:\pagefile.sys 1024 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 1,74 Gb Free Space | 8,90% Space Free | Partition Type: NTFS
Drive D: | 11,95 Gb Total Space | 2,49 Gb Free Space | 20,84% Space Free | Partition Type: FAT32
Drive F: | 963,70 Mb Total Space | 232,36 Mb Free Space | 24,11% Space Free | Partition Type: FAT

Computer Name: DOLNI | User Name: Dolní | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - [2011.12.11 13:43:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- F:\Testovací prog\OTL.exe
PRC - [2011.11.23 21:31:27 | 000,803,328 | ---- | M] (bProtector) -- C:\Documents and Settings\All Users\Data aplikací\bProtector\bProtect.exe
PRC - [2011.11.23 21:21:16 | 000,273,912 | ---- | M] () -- C:\Program Files\InstallBrainService\InstallBrainService.exe
PRC - [2011.10.28 18:13:21 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
PRC - [2011.10.28 18:13:17 | 000,218,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2011.10.24 20:29:16 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011.10.20 12:58:40 | 002,497,352 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
PRC - [2011.10.18 06:14:54 | 001,229,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011.10.12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011.10.10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011.10.07 18:47:13 | 001,883,328 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
PRC - [2011.09.08 19:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011.08.15 05:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011.08.02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011.02.08 18:21:52 | 001,114,040 | ---- | M] (MusicLab, LLC) -- C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2010.03.04 21:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009.12.13 14:37:00 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009.09.08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2008.04.14 05:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003.05.05 07:57:30 | 000,143,360 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
PRC - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2011.11.23 21:31:27 | 000,748,544 | ---- | M] () -- C:\WINDOWS\system32\protector.dll
MOD - [2011.11.23 21:21:16 | 000,273,912 | ---- | M] () -- C:\Program Files\InstallBrainService\InstallBrainService.exe
MOD - [2011.10.28 18:13:21 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
MOD - [2011.10.28 18:13:17 | 000,218,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2010.03.04 21:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2008.10.11 21:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 19:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Auto | Stopped] -- -- (helpsvc)
SRV - [2011.11.23 21:31:27 | 000,803,328 | ---- | M] (bProtector) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\bProtector\bProtect.exe -- (bProtector)
SRV - [2011.11.23 21:21:16 | 000,273,912 | ---- | M] () [Auto | Running] -- C:\Program Files\InstallBrainService\InstallBrainService.exe -- (InstallBrainService)
SRV - [2011.10.28 18:13:21 | 000,246,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011.10.12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.10.07 18:47:13 | 001,883,328 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011.08.02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010.03.04 21:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009.09.08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2011.10.07 18:48:02 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011.10.07 18:48:01 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011.10.07 18:48:00 | 000,492,768 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011.10.07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011.10.04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011.09.13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.08.08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.07.11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.07.11 00:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011.07.11 00:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011.07.11 00:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2009.11.12 12:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.04.14 06:10:02 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 21:05:40 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2003.10.28 15:06:16 | 000,014,352 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PvXBAR.sys -- (PVXBAR)
DRV - [2003.10.28 15:05:26 | 000,071,151 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Pv848.sys -- (Pv848)
DRV - [2003.10.28 15:04:18 | 000,032,930 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PvTUNER.sys -- (PVTUNER)
DRV - [2003.07.18 02:58:20 | 000,036,992 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (sisagp)
DRV - [2002.07.17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.BAK -- (Aspi32)
DRV - [2001.08.17 21:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.goonsearch.com/?source=IBR-IB-PDP-INS-HP


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.goonsearch.com/?source=IBR-IB-PDP-INS-HP
IE - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
IE - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
IE - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG2012\Firefox\ [2011.11.05 20:53:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011.11.22 13:42:05 | 000,000,000 | ---D | M]


========== Chrome ==========


O1 HOSTS File: ([2011.11.01 20:53:41 | 000,437,882 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 15062 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (WindowShopper) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\SuperFish\Superfish.dll (Superfish)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (File2LinkIB) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - C:\Program Files\file2linkib\file2linkibX.dll ()
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()
O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (File2LinkIB) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - C:\Program Files\file2linkib\file2linkibX.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O3 - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe (MusicLab, LLC)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\.DEFAULT..\Run: [jusched] %APPDATA%\jusched.exe File not found
O4 - HKU\S-1-5-18..\Run: [jusched] %APPDATA%\jusched.exe File not found
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - Startup: C:\Documents and Settings\Cernopolak\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.3.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKU\S-1-5-21-1078081533-492894223-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O9 - Extra Button: WindowShopper - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\SuperFish\Superfish.dll (Superfish)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8862CCCC-5EBE-4341-A372-BCF758AA33EE}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Dolní\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dolní\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.24 20:05:44 | 000,000,141 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008.02.02 15:14:36 | 000,000,170 | -HS- | M] () - C:\AUTOEXEC.DOS -- [ NTFS ]
O32 - AutoRun File - [2008.02.02 16:08:08 | 000,000,170 | ---- | M] () - C:\AUTOEXEC.NU4 -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - File not found
NetSvcs: SSHNAS - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 60 Days ==========

[2011.12.10 20:25:52 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.12.10 19:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office
[2011.12.10 19:11:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011.12.10 19:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011.12.10 19:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011.12.10 19:10:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft
[2011.12.10 19:03:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2011.12.10 19:03:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011.12.10 19:02:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dolní\Local Settings\Data aplikací\Microsoft Help
[2011.12.10 18:57:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
[2011.12.10 18:55:28 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011.12.10 18:46:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.12.07 22:40:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2011.12.07 22:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dolní\Data aplikací\OpenOffice.org
[2011.12.07 22:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2011.12.07 22:15:06 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.12.07 22:15:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.12.07 22:15:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.12.02 16:30:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Fighters
[2011.11.30 22:09:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.11.30 22:09:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.11.30 22:09:23 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.11.29 20:59:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.11.29 19:42:07 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.11.29 19:38:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.11.29 19:26:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.11.29 19:26:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.11.29 19:24:55 | 004,334,705 | R--- | C] (Swearware) -- C:\Documents and Settings\Dolní\Plocha\ComboFix.exe
[2011.11.26 23:34:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dolní\Recent
[2011.11.26 19:16:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.26 19:16:02 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.23 21:43:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dolní\Nabídka Start\Programy\Microsoft Bootvis
[2011.11.23 21:43:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Bootvis
[2011.11.23 21:32:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dolní\Data aplikací\PerformerSoft
[2011.11.23 21:32:15 | 000,017,456 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2011.11.23 21:31:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Extensions
[2011.11.23 21:31:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\bProtector
[2011.11.23 21:30:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dolní\Nabídka Start\Programy\SpecialSavings
[2011.11.23 21:30:28 | 000,000,000 | ---D | C] -- C:\Program Files\SuperFish
[2011.11.23 21:30:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dolní\Data aplikací\file2linkib
[2011.11.23 21:29:56 | 000,000,000 | ---D | C] -- C:\Program Files\file2linkib
[2011.11.23 21:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\InstallBrainService
[2011.11.20 19:52:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dolní\Plocha\Testování
[2011.11.18 18:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ZoomBrowser
[2011.11.18 18:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Canon Utilities
[2011.11.11 17:53:53 | 000,033,984 | ---- | C] (COMODO) -- C:\WINDOWS\System32\cmdcsr.dll
[2011.11.05 20:20:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\COMODO
[2011.11.05 20:04:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Comodo Downloader
[2011.11.01 22:05:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dolní\Data aplikací\Comodo
[2011.11.01 20:28:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Comodo
[2011.11.01 20:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo
[2011.10.30 21:04:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dolní\Data aplikací\AVG
[2011.10.28 18:47:27 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011.10.28 18:16:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dolní\Data aplikací\AVG2012
[2011.10.28 18:13:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG 2012
[2011.10.28 18:13:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dolní\Data aplikací\AVG Secure Search
[2011.10.28 18:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011.10.28 18:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011.10.28 18:13:13 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.10.28 18:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG2012
[2011.10.28 18:10:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011.10.28 18:04:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2011.12.11 14:53:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.11 14:47:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.11 14:47:20 | 804,884,480 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.11 12:51:18 | 111,839,177 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011.12.10 20:57:50 | 000,220,040 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.10 20:24:39 | 004,334,705 | R--- | M] (Swearware) -- C:\Documents and Settings\Dolní\Plocha\ComboFix.exe
[2011.12.07 21:32:14 | 000,000,390 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011.12.07 11:59:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.04 19:11:50 | 000,000,893 | ---- | M] () -- C:\Documents and Settings\Dolní\Plocha\EVEREST Ultimate Edition.lnk
[2011.12.04 18:09:44 | 000,004,692 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2011.12.04 18:09:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2011.12.02 18:50:32 | 000,026,143 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011.12.02 16:53:26 | 104,379,152 | ---- | M] () -- C:\Documents and Settings\Dolní\Plocha\setup_11.0.0.1245.x01_2011_12_02_18_18.exe
[2011.11.29 23:07:58 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.11.29 23:04:28 | 000,432,928 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.11.29 23:04:28 | 000,429,454 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.11.29 23:04:28 | 000,078,466 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.11.29 23:04:28 | 000,067,884 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.11.29 19:42:12 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011.11.27 22:31:49 | 000,000,410 | ---- | M] () -- C:\Documents and Settings\Dolní\Plocha\Zástupce - TestCPU.lnk
[2011.11.23 21:32:28 | 000,001,661 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\repository.xml
[2011.11.23 21:31:27 | 000,748,544 | ---- | M] () -- C:\WINDOWS\System32\protector.dll
[2011.11.22 13:42:06 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AVG 2012.lnk
[2011.11.18 18:56:28 | 000,114,933 | -H-- | M] () -- C:\ZbThumbnail.info
[2011.11.18 18:27:33 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ZoomBrowser EX.lnk
[2011.11.18 18:00:08 | 000,000,410 | ---- | M] () -- C:\WINDOWS\ULead32.ini
[2011.11.11 17:46:24 | 001,775,842 | ---- | M] () -- C:\Documents and Settings\Dolní\Plocha\Geologické epochy.psd
[2011.11.07 20:18:27 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011.11.05 20:20:18 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\COMODO Firewall.lnk
[2011.11.02 15:16:08 | 000,017,456 | ---- | M] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2011.11.01 20:53:41 | 000,437,882 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.11 14:47:20 | 804,884,480 | -HS- | C] () -- C:\hiberfil.sys
[2011.12.11 12:51:18 | 111,839,177 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011.12.10 19:25:49 | 000,744,786 | ---- | C] () -- C:\Documents and Settings\Dolní\Plocha\Aktivátor.exe
[2011.12.07 22:47:45 | 000,001,946 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft PowerPoint Viewer .lnk
[2011.12.04 19:11:50 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\Dolní\Plocha\EVEREST Ultimate Edition.lnk
[2011.12.02 18:50:32 | 000,026,143 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011.12.02 16:50:09 | 104,379,152 | ---- | C] () -- C:\Documents and Settings\Dolní\Plocha\setup_11.0.0.1245.x01_2011_12_02_18_18.exe
[2011.11.30 22:09:24 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.11.30 22:09:23 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.11.30 22:09:23 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.11.30 22:09:23 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.11.29 22:41:05 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011.11.29 19:42:12 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.11.29 19:42:07 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2011.11.29 19:38:45 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.11.27 22:31:49 | 000,000,410 | ---- | C] () -- C:\Documents and Settings\Dolní\Plocha\Zástupce - TestCPU.lnk
[2011.11.27 18:43:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.23 21:32:27 | 000,001,661 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\repository.xml
[2011.11.23 21:31:27 | 000,748,544 | ---- | C] () -- C:\WINDOWS\System32\protector.dll
[2011.11.18 18:27:33 | 000,000,929 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ZoomBrowser EX.lnk
[2011.11.05 20:20:18 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\COMODO Firewall.lnk
[2011.11.01 20:26:03 | 000,000,211 | ---- | C] () -- C:\boot.ini.comodofirewall
[2011.10.28 18:13:41 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\AVG 2012.lnk
[2011.07.19 19:34:29 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2011.01.02 20:10:55 | 000,473,384 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.10.01 11:18:28 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDIdle.INI
[2010.06.27 20:19:10 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2010.04.01 12:48:57 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010.01.22 22:07:15 | 000,000,057 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.12.30 13:06:29 | 000,135,168 | ---- | C] () -- C:\WINDOWS\AmCap5a.exe
[2009.12.30 13:06:29 | 000,004,604 | ---- | C] () -- C:\WINDOWS\ALIAS.INI
[2009.12.30 13:06:29 | 000,003,977 | ---- | C] () -- C:\WINDOWS\PV_Tuner.ini
[2009.12.30 13:06:29 | 000,003,450 | ---- | C] () -- C:\WINDOWS\FINETUNE.INI
[2009.12.30 13:06:29 | 000,003,107 | ---- | C] () -- C:\WINDOWS\REMAP.INI
[2009.12.30 13:06:29 | 000,003,073 | ---- | C] () -- C:\WINDOWS\frequency.ini
[2009.12.30 13:06:29 | 000,001,571 | ---- | C] () -- C:\WINDOWS\HOL.INI
[2009.12.30 13:06:29 | 000,001,115 | ---- | C] () -- C:\WINDOWS\AUS.INI
[2009.12.30 13:06:29 | 000,000,895 | ---- | C] () -- C:\WINDOWS\TAIWAN.INI
[2009.12.30 13:06:29 | 000,000,881 | ---- | C] () -- C:\WINDOWS\US.INI
[2009.12.30 13:06:29 | 000,000,875 | ---- | C] () -- C:\WINDOWS\ROMANIA-MSDN.INI
[2009.12.30 13:06:29 | 000,000,868 | ---- | C] () -- C:\WINDOWS\FRANCE.INI
[2009.12.30 13:06:29 | 000,000,817 | ---- | C] () -- C:\WINDOWS\OIRT.INI
[2009.12.30 13:06:29 | 000,000,751 | ---- | C] () -- C:\WINDOWS\IC.INI
[2009.12.30 13:06:29 | 000,000,711 | ---- | C] () -- C:\WINDOWS\FOT.INI
[2009.12.30 13:06:29 | 000,000,651 | ---- | C] () -- C:\WINDOWS\ANGOLA.INI
[2009.12.30 13:06:29 | 000,000,648 | ---- | C] () -- C:\WINDOWS\UK.INI
[2009.12.30 13:06:29 | 000,000,648 | ---- | C] () -- C:\WINDOWS\CCIR.INI
[2009.12.30 13:06:29 | 000,000,641 | ---- | C] () -- C:\WINDOWS\CHINA.INI
[2009.12.30 13:06:29 | 000,000,625 | ---- | C] () -- C:\WINDOWS\SA.INI
[2009.12.30 13:06:29 | 000,000,618 | ---- | C] () -- C:\WINDOWS\IR.INI
[2009.12.30 13:06:29 | 000,000,616 | ---- | C] () -- C:\WINDOWS\MO.INI
[2009.12.30 13:06:29 | 000,000,615 | ---- | C] () -- C:\WINDOWS\NZ.INI
[2009.12.30 13:06:29 | 000,000,615 | ---- | C] () -- C:\WINDOWS\NE.INI
[2009.12.30 13:06:29 | 000,000,607 | ---- | C] () -- C:\WINDOWS\IN.INI
[2009.12.30 13:06:29 | 000,000,602 | ---- | C] () -- C:\WINDOWS\ROMANIA.INI
[2009.12.30 13:06:29 | 000,000,587 | ---- | C] () -- C:\WINDOWS\JAPAN.INI
[2009.12.30 13:06:29 | 000,000,567 | ---- | C] () -- C:\WINDOWS\IT.INI
[2009.12.30 13:06:29 | 000,000,555 | ---- | C] () -- C:\WINDOWS\ISR.INI
[2009.12.30 13:06:29 | 000,000,481 | ---- | C] () -- C:\WINDOWS\RUSSIA.INI
[2009.12.13 14:43:18 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.06.06 21:38:04 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.06.02 19:19:18 | 000,001,123 | ---- | C] () -- C:\WINDOWS\mgreg.ini
[2009.06.02 19:19:04 | 000,000,030 | ---- | C] () -- C:\WINDOWS\mgwin.ini
[2009.05.31 12:40:38 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.05.30 15:49:59 | 000,003,021 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.05.30 15:49:53 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.05.30 14:46:36 | 000,004,692 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2009.05.30 12:18:08 | 000,000,410 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2009.05.30 10:41:08 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Dolní\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.30 10:22:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.05.30 10:09:51 | 000,022,916 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009.05.30 10:02:36 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.05.30 10:01:11 | 000,220,040 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.08.19 16:39:57 | 000,000,016 | ---- | C] () -- C:\Program Files\Common Files\dht342126
[2008.04.14 06:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.02.02 13:52:23 | 000,011,253 | -H-- | C] () -- C:\Program Files\folder.htt
[2006.12.31 04:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.12.31 18:35:42 | 000,000,237 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2001.10.25 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 15:00:00 | 000,432,928 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,429,454 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 15:00:00 | 000,078,466 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,067,884 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2009.11.10 23:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\22718222
[2011.04.05 16:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\34186
[2010.04.14 00:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\53110717
[2011.11.05 19:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2012
[2011.11.23 21:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\bProtector
[2010.04.01 12:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2011.10.28 18:13:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.12.02 16:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Fighters
[2011.09.01 19:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Kristanix Games
[2011.12.11 13:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.06.12 16:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PhotoStitch
[2011.07.19 19:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Research In Motion
[2011.11.11 17:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.01.23 17:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\aAvgApi
[2011.11.06 10:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\AVG Secure Search
[2011.10.28 21:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\AVG2012
[2011.07.03 16:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\bsbandmltbpi
[2011.09.04 19:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\Canneverbe Limited
[2011.11.23 22:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\file2linkib
[2011.10.13 20:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\Inbox Toolbar
[2011.01.09 15:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\Jpeg Resampler
[2011.11.06 10:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\mediabarbs
[2011.12.08 22:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\OpenOffice.org
[2011.05.22 12:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\Opera
[2011.07.25 13:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\Research In Motion
[2011.02.06 16:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\Zoner
[2010.04.05 11:03:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\aAvgApi
[2011.10.30 21:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\AVG
[2011.10.28 18:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\AVG Secure Search
[2011.10.28 18:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\AVG2012
[2011.05.07 11:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\bsbandmltbpi
[2010.04.01 12:49:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Canneverbe Limited
[2011.11.23 21:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\file2linkib
[2011.06.25 16:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\mediabarbs
[2011.10.03 19:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\NeuroProgrammer3
[2011.12.07 22:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\OpenOffice.org
[2009.05.30 10:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Opera
[2011.11.23 21:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\PerformerSoft
[2009.05.30 12:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\ProfiCAD
[2009.06.28 16:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\QIP
[2011.09.02 23:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Research In Motion
[2011.09.01 19:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Rovio
[2009.07.12 19:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Zoner
[2011.10.30 22:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\AVG2012
[2011.07.28 13:55:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\Opera

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 07:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)

< >


< MD5 for: AGP440.SYS >
[2008.04.14 06:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 06:10:02 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 06:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 05:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 05:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 06:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 21:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 05:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 05:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2008.04.14 05:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
[2008.04.14 05:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\dllcache\csrss.exe

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 05:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: FASTFAT.SYS >
[2008.04.13 21:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\dllcache\fastfat.sys
[2008.04.13 21:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys

< MD5 for: HAL.DLL >
[2008.04.14 06:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 21:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 06:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: IASTOR.SYS >
[2008.06.23 11:12:16 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\NLDRV\001\iastor.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 06:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 04:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 05:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 05:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.13 21:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 05:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 05:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NTFS.SYS >
[2008.04.13 21:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008.04.13 21:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS

< MD5 for: SCECLI.DLL >
[2008.04.14 05:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 05:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 11:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 11:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 11:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 05:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.08.17 14:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 05:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 11:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 11:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 05:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 05:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 05:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 05:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 05:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 12:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008.07.06 12:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2002.07.17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) -- C:\WINDOWS\system32\drivers\aspi32.BAK
[2001.10.25 15:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001.10.25 15:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2011.07.19 19:16:36 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011.07.19 19:16:38 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_RimUsb_01009.Wdf

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2011.12.10 20:57:50 | 000,220,040 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.12.07 11:59:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2010.02.04 17:27:16 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.02.04 17:17:18 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2010.02.04 17:27:16 | 019,136,512 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.02.04 17:27:18 | 004,718,592 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[22 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp files -> C:\WINDOWS\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[4 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2010.06.27 20:19:12 | 000,000,041 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\.zreglib
[2010.02.04 17:29:22 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2011.11.23 21:32:28 | 000,001,661 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\repository.xml

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.11.23 21:31:27 | 000,803,328 | ---- | M] (bProtector) -- C:\Documents and Settings\All Users\Data Aplikací\bProtector\bProtect.exe
[2011.06.30 09:37:06 | 000,198,984 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Comodo\Installer\ComodoCleanup.exe
[5 C:\Documents and Settings\All Users\Data Aplikací\Comodo\Installer\*.tmp files -> C:\Documents and Settings\All Users\Data Aplikací\Comodo\Installer\*.tmp -> ]

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2010.04.05 11:03:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\aAvgApi
[2009.05.30 10:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Adobe
[2009.05.30 10:44:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\AdobeUM
[2011.10.30 21:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\AVG
[2011.10.28 18:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\AVG Secure Search
[2011.10.28 18:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\AVG2012
[2010.02.04 18:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\AVG8
[2011.05.07 11:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\bsbandmltbpi
[2010.04.01 12:49:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Canneverbe Limited
[2011.01.02 18:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\CANON INC
[2011.11.01 22:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Comodo
[2011.11.23 21:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\file2linkib
[2011.05.07 11:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Google
[2010.01.29 13:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Help
[2009.05.30 10:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Identities
[2009.05.30 11:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Macromedia
[2011.06.25 16:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\mediabarbs
[2011.10.28 17:52:49 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft
[2011.10.03 19:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\NeuroProgrammer3
[2010.07.24 19:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Norton Utilities 14
[2011.12.07 22:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\OpenOffice.org
[2009.05.30 10:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Opera
[2011.11.23 21:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\PerformerSoft
[2009.05.30 12:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\ProfiCAD
[2009.06.28 16:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\QIP
[2009.12.13 14:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Real
[2011.09.02 23:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Research In Motion
[2011.09.01 19:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Rovio
[2009.08.13 12:26:18 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Dolní\Data aplikací\SecuROM
[2011.08.09 22:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Skype
[2010.01.23 11:42:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\SkypeMate
[2011.08.08 20:46:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\skypePM
[2011.08.17 20:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Sun
[2009.06.20 13:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\WinRAR
[2009.07.12 19:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Zoner
[2010.12.07 16:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\ZoomBrowser EX

< %APPDATA%\*.* >
[2011.09.02 23:27:18 | 000,000,954 | ---- | M] () -- C:\Documents and Settings\Dolní\Data aplikací\BBMS_EXCEPTION.txt
[2009.05.30 10:02:02 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Dolní\Data aplikací\desktop.ini
[2011.12.07 21:39:28 | 000,016,688 | ---- | M] () -- C:\Documents and Settings\Dolní\Data aplikací\GDIPFONTCACHEV1.DAT

< %APPDATA%\*.exe /s >
[2011.11.23 21:43:49 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_18be6784.exe
[2011.11.23 21:43:49 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_294823.exe
[2011.11.23 21:43:49 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_2cd672ae.exe
[2011.11.23 21:43:49 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_4ae13d6c.exe
[2011.07.19 20:20:39 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}\ARPPRODUCTICON.exe
[2011.07.19 19:15:56 | 000,413,696 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{3E79F719-BE4A-4579-9FFF-559EF7A81AB4}\ARPPRODUCTICON.exe
[2011.07.19 19:15:56 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{3E79F719-BE4A-4579-9FFF-559EF7A81AB4}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.08.18 21:00:24 | 000,099,678 | R--- | M] () -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{E2B4FE1C-2CFA-47EE-A88C-A14D0FF1F0B0}\_FA1973C448F0CDEF5FD499.exe
[2011.07.19 19:32:50 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{F11E0BBC-5CB9-4D64-A942-6B64043BED97}\DesktopMgr.exe
[2011.07.19 19:32:50 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{F11E0BBC-5CB9-4D64-A942-6B64043BED97}\NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.07.19 19:32:51 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{F11E0BBC-5CB9-4D64-A942-6B64043BED97}\NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.07.19 19:32:51 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{F11E0BBC-5CB9-4D64-A942-6B64043BED97}\NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.07.19 19:32:51 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{F11E0BBC-5CB9-4D64-A942-6B64043BED97}\NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.07.19 19:32:51 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{F11E0BBC-5CB9-4D64-A942-6B64043BED97}\NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.07.19 19:32:51 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{F11E0BBC-5CB9-4D64-A942-6B64043BED97}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.07.19 19:32:51 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{F11E0BBC-5CB9-4D64-A942-6B64043BED97}\NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.07.19 19:32:50 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{F11E0BBC-5CB9-4D64-A942-6B64043BED97}\RedirectorEXE1_770DFD1204C24F4DA163D64FACCB5CBD.exe
[2011.07.19 19:32:51 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{F11E0BBC-5CB9-4D64-A942-6B64043BED97}\RedirectorEXE2_770DFD1204C24F4DA163D64FACCB5CBD.exe
[2011.07.19 19:32:50 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Installer\{F11E0BBC-5CB9-4D64-A942-6B64043BED97}\RedirectorEXE_770DFD1204C24F4DA163D64FACCB5CBD.exe
[2010.05.27 20:58:48 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Real\Update\setup3.10\setup.exe
[2011.11.20 19:46:46 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe
[2011.12.04 19:08:21 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Dolní\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\9.01\rnupgagent.exe

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
"AUPowerManagement" = 0
"IncludeRecommendedUpdates" = 0
"AutoInstallMinorUpdates" = 0
"DetectionFrequencyEnabled" = 0
"NoAUAsDefaultShutdownOption" = 0
"NoAUShutdownOption" = 1

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-29 22:08:28

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"StateIndex" = 0

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.12.11 14:53:49 | 000,000,512 | ---- | M] () MD5=21954C6A813125BBE683D3259A510EAC -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Dolní\Plocha\Geologické epochy.psd:SummaryInformation
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D287FACF
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:157E1AD3
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4

< End of report >

rokony
Visitor
Posts: 67
Registered: 02 Nov 2011 18:09

Re: For Motji...

#23 Post by rokony »

And now the test from Safe Mode:

OTL logfile created on: 11. 12. 2011 14:33:26 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = F:\Testovací prog
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

767,53 Mb Total Physical Memory | 618,76 Mb Available Physical Memory | 80,62% Memory free
1,71 Gb Paging File | 1,63 Gb Available in Paging File | 95,50% Paging File free
Paging file location(s): D:\pagefile.sys 1024 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 2,49 Gb Free Space | 12,75% Space Free | Partition Type: NTFS
Drive D: | 11,95 Gb Total Space | 2,49 Gb Free Space | 20,84% Space Free | Partition Type: FAT32
Drive F: | 963,70 Mb Total Space | 232,48 Mb Free Space | 24,12% Space Free | Partition Type: FAT

Computer Name: DOLNI | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - [2011.12.11 13:43:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- F:\Testovací prog\OTL.exe
PRC - [2008.04.14 05:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011.11.23 21:31:27 | 000,748,544 | ---- | M] () -- C:\WINDOWS\system32\protector.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Auto | Stopped] -- -- (helpsvc)
SRV - [2011.11.23 21:31:27 | 000,803,328 | ---- | M] (bProtector) [Auto | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\bProtector\bProtect.exe -- (bProtector)
SRV - [2011.11.23 21:21:16 | 000,273,912 | ---- | M] () [Auto | Stopped] -- C:\Program Files\InstallBrainService\InstallBrainService.exe -- (InstallBrainService)
SRV - [2011.10.28 18:13:21 | 000,246,600 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011.10.12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.10.07 18:47:13 | 001,883,328 | ---- | M] (COMODO) [Auto | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011.08.02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010.03.04 21:38:00 | 000,071,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009.09.08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2011.10.07 18:48:02 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011.10.07 18:48:01 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011.10.07 18:48:00 | 000,492,768 | ---- | M] (COMODO) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011.10.07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011.10.04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011.09.13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.08.08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.07.11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.07.11 00:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011.07.11 00:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011.07.11 00:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2009.11.12 12:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.04.14 06:10:02 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 21:05:40 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2003.10.28 15:06:16 | 000,014,352 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PvXBAR.sys -- (PVXBAR)
DRV - [2003.10.28 15:05:26 | 000,071,151 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Pv848.sys -- (Pv848)
DRV - [2003.10.28 15:04:18 | 000,032,930 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PvTUNER.sys -- (PVTUNER)
DRV - [2003.07.18 02:58:20 | 000,036,992 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (sisagp)
DRV - [2002.07.17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aspi32.BAK -- (Aspi32)
DRV - [2001.08.17 21:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.goonsearch.com/?source=IBR-IB-PDP-INS-HP


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1078081533-492894223-1606980848-500\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1078081533-492894223-1606980848-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG2012\Firefox\ [2011.11.05 20:53:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011.11.22 13:42:05 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011.11.01 20:53:41 | 000,437,882 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15062 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (WindowShopper) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\SuperFish\Superfish.dll (Superfish)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Dolní\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (File2LinkIB) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - C:\Program Files\file2linkib\file2linkibX.dll ()
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()
O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (File2LinkIB) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - C:\Program Files\file2linkib\file2linkibX.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe (MusicLab, LLC)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\.DEFAULT..\Run: [jusched] %APPDATA%\jusched.exe File not found
O4 - HKU\S-1-5-18..\Run: [jusched] %APPDATA%\jusched.exe File not found
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - Startup: C:\Documents and Settings\Cernopolak\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.3.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-492894223-1606980848-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1078081533-492894223-1606980848-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: WindowShopper - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\SuperFish\Superfish.dll (Superfish)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8862CCCC-5EBE-4341-A372-BCF758AA33EE}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.24 20:05:44 | 000,000,141 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008.02.02 15:14:36 | 000,000,170 | -HS- | M] () - C:\AUTOEXEC.DOS -- [ NTFS ]
O32 - AutoRun File - [2008.02.02 16:08:08 | 000,000,170 | ---- | M] () - C:\AUTOEXEC.NU4 -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - File not found
NetSvcs: SSHNAS - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 60 Days ==========

[2011.12.10 20:25:52 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.12.10 19:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office
[2011.12.10 19:11:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011.12.10 19:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011.12.10 19:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011.12.10 19:10:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft
[2011.12.10 19:03:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2011.12.10 19:03:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011.12.10 18:57:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
[2011.12.10 18:55:28 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011.12.10 18:46:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.12.07 22:40:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2011.12.07 22:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2011.12.07 22:15:06 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.12.07 22:15:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.12.07 22:15:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.12.02 16:30:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Fighters
[2011.11.30 22:09:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.11.30 22:09:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.11.30 22:09:23 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.11.29 20:59:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.11.29 19:42:07 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.11.29 19:38:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.11.29 19:37:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.DOLNI\Dokumenty\Filmy
[2011.11.29 19:37:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.DOLNI\Dokumenty\Obrázky
[2011.11.29 19:37:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.DOLNI\Nabídka Start\Programy\Nástroje pro správu
[2011.11.29 19:37:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.DOLNI\Dokumenty\Hudba
[2011.11.29 19:37:07 | 004,321,290 | R--- | C] (Swearware) -- C:\Documents and Settings\Administrator.DOLNI\Plocha\ComboFix.exe
[2011.11.29 19:36:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.DOLNI\Local Settings\Data aplikací\Adobe
[2011.11.29 19:36:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.DOLNI\Data aplikací\Adobe
[2011.11.29 19:36:10 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.DOLNI\IETldCache
[2011.11.29 19:35:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.DOLNI\Cookies
[2011.11.29 19:35:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.DOLNI\Local Settings\Data aplikací\Microsoft
[2011.11.29 19:35:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.DOLNI\Data aplikací\Microsoft
[2011.11.29 19:35:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.DOLNI\SendTo
[2011.11.29 19:35:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.DOLNI\Data aplikací
[2011.11.29 19:35:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.DOLNI\Nabídka Start\Programy\Příslušenství
[2011.11.29 19:35:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.DOLNI\Nabídka Start\Programy\Po spuštění
[2011.11.29 19:35:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.DOLNI\Nabídka Start
[2011.11.29 19:35:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.DOLNI\Šablony
[2011.11.29 19:35:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.DOLNI\Recent
[2011.11.29 19:35:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.DOLNI\Okolní tiskárny
[2011.11.29 19:35:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.DOLNI\Okolní síť
[2011.11.29 19:35:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.DOLNI\Local Settings
[2011.11.29 19:35:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.DOLNI\Plocha
[2011.11.29 19:35:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.DOLNI\Oblíbené položky
[2011.11.29 19:35:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.DOLNI\Dokumenty
[2011.11.29 19:26:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.11.29 19:26:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.11.26 19:16:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.26 19:16:02 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.23 21:43:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Bootvis
[2011.11.23 21:32:15 | 000,017,456 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2011.11.23 21:31:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Extensions
[2011.11.23 21:31:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\bProtector
[2011.11.23 21:30:28 | 000,000,000 | ---D | C] -- C:\Program Files\SuperFish
[2011.11.23 21:29:56 | 000,000,000 | ---D | C] -- C:\Program Files\file2linkib
[2011.11.23 21:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\InstallBrainService
[2011.11.18 18:27:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ZoomBrowser
[2011.11.18 18:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Canon Utilities
[2011.11.11 17:53:53 | 000,033,984 | ---- | C] (COMODO) -- C:\WINDOWS\System32\cmdcsr.dll
[2011.11.05 20:20:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\COMODO
[2011.11.05 20:04:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Comodo Downloader
[2011.11.01 20:28:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Comodo
[2011.11.01 20:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo
[2011.10.28 18:47:27 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011.10.28 18:13:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG 2012
[2011.10.28 18:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011.10.28 18:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011.10.28 18:13:13 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.10.28 18:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG2012
[2011.10.28 18:10:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011.10.28 18:04:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2011.12.11 14:34:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.11 14:29:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.11 12:51:18 | 111,839,177 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011.12.10 20:57:50 | 000,220,040 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.07 21:32:14 | 000,000,390 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011.12.07 11:59:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.04 18:09:44 | 000,004,692 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2011.12.04 18:09:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2011.12.02 18:50:32 | 000,026,143 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011.11.29 23:07:58 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.11.29 23:04:28 | 000,432,928 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.11.29 23:04:28 | 000,429,454 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.11.29 23:04:28 | 000,078,466 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.11.29 23:04:28 | 000,067,884 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.11.29 19:42:12 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011.11.29 19:38:11 | 004,321,290 | R--- | M] (Swearware) -- C:\Documents and Settings\Administrator.DOLNI\Plocha\ComboFix.exe
[2011.11.29 19:35:56 | 000,000,700 | RHS- | M] () -- C:\Documents and Settings\Administrator.DOLNI\ntuser.pol
[2011.11.23 21:32:28 | 000,001,661 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\repository.xml
[2011.11.23 21:31:27 | 000,748,544 | ---- | M] () -- C:\WINDOWS\System32\protector.dll
[2011.11.22 13:42:06 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AVG 2012.lnk
[2011.11.18 18:56:28 | 000,114,933 | -H-- | M] () -- C:\ZbThumbnail.info
[2011.11.18 18:27:33 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ZoomBrowser EX.lnk
[2011.11.18 18:00:08 | 000,000,410 | ---- | M] () -- C:\WINDOWS\ULead32.ini
[2011.11.07 20:18:27 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011.11.05 20:20:18 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\COMODO Firewall.lnk
[2011.11.02 15:16:08 | 000,017,456 | ---- | M] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2011.11.01 20:53:41 | 000,437,882 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.11 12:51:18 | 111,839,177 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011.12.07 22:47:45 | 000,001,946 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft PowerPoint Viewer .lnk
[2011.12.02 18:50:32 | 000,026,143 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011.11.30 22:09:24 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.11.30 22:09:23 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.11.30 22:09:23 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.11.30 22:09:23 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.11.29 22:41:05 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011.11.29 19:42:12 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.11.29 19:42:07 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2011.11.29 19:38:45 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.11.29 19:35:56 | 000,000,700 | RHS- | C] () -- C:\Documents and Settings\Administrator.DOLNI\ntuser.pol
[2011.11.29 19:35:48 | 000,001,509 | ---- | C] () -- C:\Documents and Settings\Administrator.DOLNI\Nabídka Start\Programy\Vzdálená pomoc.lnk
[2011.11.29 19:35:48 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\Administrator.DOLNI\Nabídka Start\Programy\Windows Media Player.lnk
[2011.11.27 18:43:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.23 21:32:27 | 000,001,661 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\repository.xml
[2011.11.23 21:31:27 | 000,748,544 | ---- | C] () -- C:\WINDOWS\System32\protector.dll
[2011.11.18 18:27:33 | 000,000,929 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ZoomBrowser EX.lnk
[2011.11.05 20:20:18 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\COMODO Firewall.lnk
[2011.11.01 20:26:03 | 000,000,211 | ---- | C] () -- C:\boot.ini.comodofirewall
[2011.10.28 18:13:41 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\AVG 2012.lnk
[2011.07.19 19:34:29 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2011.01.02 20:10:55 | 000,473,384 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.10.01 11:18:28 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDIdle.INI
[2010.06.27 20:19:10 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2010.04.01 12:48:57 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010.01.22 22:07:15 | 000,000,057 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.12.30 13:06:29 | 000,135,168 | ---- | C] () -- C:\WINDOWS\AmCap5a.exe
[2009.12.30 13:06:29 | 000,004,604 | ---- | C] () -- C:\WINDOWS\ALIAS.INI
[2009.12.30 13:06:29 | 000,003,977 | ---- | C] () -- C:\WINDOWS\PV_Tuner.ini
[2009.12.30 13:06:29 | 000,003,450 | ---- | C] () -- C:\WINDOWS\FINETUNE.INI
[2009.12.30 13:06:29 | 000,003,107 | ---- | C] () -- C:\WINDOWS\REMAP.INI
[2009.12.30 13:06:29 | 000,003,073 | ---- | C] () -- C:\WINDOWS\frequency.ini
[2009.12.30 13:06:29 | 000,001,571 | ---- | C] () -- C:\WINDOWS\HOL.INI
[2009.12.30 13:06:29 | 000,001,115 | ---- | C] () -- C:\WINDOWS\AUS.INI
[2009.12.30 13:06:29 | 000,000,895 | ---- | C] () -- C:\WINDOWS\TAIWAN.INI
[2009.12.30 13:06:29 | 000,000,881 | ---- | C] () -- C:\WINDOWS\US.INI
[2009.12.30 13:06:29 | 000,000,875 | ---- | C] () -- C:\WINDOWS\ROMANIA-MSDN.INI
[2009.12.30 13:06:29 | 000,000,868 | ---- | C] () -- C:\WINDOWS\FRANCE.INI
[2009.12.30 13:06:29 | 000,000,817 | ---- | C] () -- C:\WINDOWS\OIRT.INI
[2009.12.30 13:06:29 | 000,000,751 | ---- | C] () -- C:\WINDOWS\IC.INI
[2009.12.30 13:06:29 | 000,000,711 | ---- | C] () -- C:\WINDOWS\FOT.INI
[2009.12.30 13:06:29 | 000,000,651 | ---- | C] () -- C:\WINDOWS\ANGOLA.INI
[2009.12.30 13:06:29 | 000,000,648 | ---- | C] () -- C:\WINDOWS\UK.INI
[2009.12.30 13:06:29 | 000,000,648 | ---- | C] () -- C:\WINDOWS\CCIR.INI
[2009.12.30 13:06:29 | 000,000,641 | ---- | C] () -- C:\WINDOWS\CHINA.INI
[2009.12.30 13:06:29 | 000,000,625 | ---- | C] () -- C:\WINDOWS\SA.INI
[2009.12.30 13:06:29 | 000,000,618 | ---- | C] () -- C:\WINDOWS\IR.INI
[2009.12.30 13:06:29 | 000,000,616 | ---- | C] () -- C:\WINDOWS\MO.INI
[2009.12.30 13:06:29 | 000,000,615 | ---- | C] () -- C:\WINDOWS\NZ.INI
[2009.12.30 13:06:29 | 000,000,615 | ---- | C] () -- C:\WINDOWS\NE.INI
[2009.12.30 13:06:29 | 000,000,607 | ---- | C] () -- C:\WINDOWS\IN.INI
[2009.12.30 13:06:29 | 000,000,602 | ---- | C] () -- C:\WINDOWS\ROMANIA.INI
[2009.12.30 13:06:29 | 000,000,587 | ---- | C] () -- C:\WINDOWS\JAPAN.INI
[2009.12.30 13:06:29 | 000,000,567 | ---- | C] () -- C:\WINDOWS\IT.INI
[2009.12.30 13:06:29 | 000,000,555 | ---- | C] () -- C:\WINDOWS\ISR.INI
[2009.12.30 13:06:29 | 000,000,481 | ---- | C] () -- C:\WINDOWS\RUSSIA.INI
[2009.12.13 14:43:18 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.06.06 21:38:04 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.06.02 19:19:18 | 000,001,123 | ---- | C] () -- C:\WINDOWS\mgreg.ini
[2009.06.02 19:19:04 | 000,000,030 | ---- | C] () -- C:\WINDOWS\mgwin.ini
[2009.05.31 12:40:38 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.05.30 15:49:59 | 000,003,021 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.05.30 15:49:53 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.05.30 14:46:36 | 000,004,692 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2009.05.30 12:18:08 | 000,000,410 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2009.05.30 10:22:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.05.30 10:09:51 | 000,022,916 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009.05.30 10:02:36 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.05.30 10:01:11 | 000,220,040 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.08.19 16:39:57 | 000,000,016 | ---- | C] () -- C:\Program Files\Common Files\dht342126
[2008.04.14 06:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.02.02 13:52:23 | 000,011,253 | -H-- | C] () -- C:\Program Files\folder.htt
[2006.12.31 04:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.12.31 18:35:42 | 000,000,237 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2001.10.25 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 15:00:00 | 000,432,928 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,429,454 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 15:00:00 | 000,078,466 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,067,884 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2009.11.10 23:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\22718222
[2011.04.05 16:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\34186
[2010.04.14 00:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\53110717
[2011.11.05 19:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2012
[2011.11.23 21:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\bProtector
[2010.04.01 12:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2011.10.28 18:13:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.12.02 16:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Fighters
[2011.09.01 19:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Kristanix Games
[2011.12.11 13:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.06.12 16:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PhotoStitch
[2011.07.19 19:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Research In Motion
[2011.11.11 17:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.01.23 17:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\aAvgApi
[2011.11.06 10:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\AVG Secure Search
[2011.10.28 21:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\AVG2012
[2011.07.03 16:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\bsbandmltbpi
[2011.09.04 19:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\Canneverbe Limited
[2011.11.23 22:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\file2linkib
[2011.10.13 20:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\Inbox Toolbar
[2011.01.09 15:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\Jpeg Resampler
[2011.11.06 10:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\mediabarbs
[2011.12.08 22:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\OpenOffice.org
[2011.05.22 12:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\Opera
[2011.07.25 13:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\Research In Motion
[2011.02.06 16:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cernopolak\Data aplikací\Zoner
[2010.04.05 11:03:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\aAvgApi
[2011.10.30 21:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\AVG
[2011.10.28 18:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\AVG Secure Search
[2011.10.28 18:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\AVG2012
[2011.05.07 11:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\bsbandmltbpi
[2010.04.01 12:49:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Canneverbe Limited
[2011.11.23 21:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\file2linkib
[2011.06.25 16:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\mediabarbs
[2011.10.03 19:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\NeuroProgrammer3
[2011.12.07 22:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\OpenOffice.org
[2009.05.30 10:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Opera
[2011.11.23 21:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\PerformerSoft
[2009.05.30 12:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\ProfiCAD
[2009.06.28 16:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\QIP
[2011.09.02 23:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Research In Motion
[2011.09.01 19:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Rovio
[2009.07.12 19:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dolní\Data aplikací\Zoner
[2011.10.30 22:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\AVG2012
[2011.07.28 13:55:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\Opera

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\CTFMON.EXE -- [2008.04.14 05:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >


< MD5 for: AGP440.SYS >
[2008.04.14 06:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 06:10:02 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 06:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 05:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 05:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 06:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 21:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 05:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 05:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2008.04.14 05:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
[2008.04.14 05:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\dllcache\csrss.exe

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 05:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: FASTFAT.SYS >
[2008.04.13 21:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\dllcache\fastfat.sys
[2008.04.13 21:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys

< MD5 for: HAL.DLL >
[2008.04.14 06:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 21:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 06:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: IASTOR.SYS >
[2008.06.23 11:12:16 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\NLDRV\001\iastor.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 06:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 04:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 05:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 05:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.13 21:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 05:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 05:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NTFS.SYS >
[2008.04.13 21:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008.04.13 21:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS

< MD5 for: SCECLI.DLL >
[2008.04.14 05:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 05:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 11:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 11:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 11:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 05:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.08.17 14:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 05:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 11:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 11:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 05:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 05:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 05:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 05:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 05:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 12:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008.07.06 12:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2002.07.17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) -- C:\WINDOWS\system32\drivers\aspi32.BAK
[2001.10.25 15:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001.10.25 15:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2011.07.19 19:16:36 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011.07.19 19:16:38 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_RimUsb_01009.Wdf

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2011.12.10 20:57:50 | 000,220,040 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.12.07 11:59:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2010.02.04 17:27:16 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.02.04 17:17:18 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2010.02.04 17:27:16 | 019,136,512 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.02.04 17:27:18 | 004,718,592 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[22 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp files -> C:\WINDOWS\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[3 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2010.06.27 20:19:12 | 000,000,041 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\.zreglib
[2010.02.04 17:29:22 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2011.11.23 21:32:28 | 000,001,661 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\repository.xml

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.11.23 21:31:27 | 000,803,328 | ---- | M] (bProtector) -- C:\Documents and Settings\All Users\Data Aplikací\bProtector\bProtect.exe
[2011.06.30 09:37:06 | 000,198,984 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Comodo\Installer\ComodoCleanup.exe
[5 C:\Documents and Settings\All Users\Data Aplikací\Comodo\Installer\*.tmp files -> C:\Documents and Settings\All Users\Data Aplikací\Comodo\Installer\*.tmp -> ]

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.11.29 19:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.DOLNI\Data aplikací\Adobe
[2011.11.29 19:35:49 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator.DOLNI\Data aplikací\Microsoft

< %APPDATA%\*.* >
[2010.02.04 17:29:22 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator.DOLNI\Data aplikací\desktop.ini

< %APPDATA%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
"AUPowerManagement" = 0
"IncludeRecommendedUpdates" = 0
"AutoInstallMinorUpdates" = 0
"DetectionFrequencyEnabled" = 0
"NoAUAsDefaultShutdownOption" = 0
"NoAUShutdownOption" = 1

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-29 22:08:28

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"StateIndex" = 0

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.12.11 14:34:09 | 000,000,512 | ---- | M] () MD5=21954C6A813125BBE683D3259A510EAC -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D287FACF
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:157E1AD3
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4

< End of report >

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: For Motji...

#24 Post by motji »

:arrow: Run OTL
- Copy this script into the white box at the bottom:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D287FACF
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:157E1AD3
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Documents and Settings\All Users\Data Aplikací\.zreglib

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[clearallrestorepoints]
[Reboot]

- Click the Fix button.
- The PC will then restart.
- Post the log here :)


Can you take a look at these folders? Do you recognise them?
C:\Documents and Settings\All Users\Data aplikací\22718222
C:\Documents and Settings\All Users\Data aplikací\34186
C:\Documents and Settings\All Users\Data aplikací\53110717

rokony
Visitor
Posts: 67
Joined: 02 Nov 2011 18:09

Re: For Motji...

#25 Post by rokony »

The contents of those directories mean nothing to me.
Unfortunately, Office still doesn't work... :(




All processes killed
========== OTL ==========
No active process named explorer.exe was found!
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D287FACF deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:157E1AD3 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\SET2C.tmp moved successfully.
C:\WINDOWS\SET2F.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET3B.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP141.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP144.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP158.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E1.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP222.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP249.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP28C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2AA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP369.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP446.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP548.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP59.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5A6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP685.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6A9.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI10.tmp moved successfully.
C:\WINDOWS\Installer\MSI11.tmp moved successfully.
C:\WINDOWS\Installer\MSI12.tmp moved successfully.
C:\WINDOWS\Installer\MSI13.tmp moved successfully.
C:\WINDOWS\Installer\MSI14.tmp moved successfully.
C:\WINDOWS\Installer\MSI16.tmp moved successfully.
C:\WINDOWS\Installer\MSI1C.tmp moved successfully.
C:\WINDOWS\Installer\MSI2B.tmp moved successfully.
C:\WINDOWS\Installer\MSI33.tmp moved successfully.
C:\WINDOWS\Installer\MSI9.tmp moved successfully.
C:\WINDOWS\Installer\MSIE.tmp moved successfully.
C:\WINDOWS\Installer\MSIF.tmp moved successfully.
C:\WINDOWS\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\upd83.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\temp\1.tmp moved successfully.
C:\WINDOWS\temp\10.tmp moved successfully.
C:\WINDOWS\temp\2.tmp moved successfully.
C:\WINDOWS\temp\3.tmp moved successfully.
C:\WINDOWS\temp\4.tmp moved successfully.
C:\WINDOWS\temp\5.tmp moved successfully.
C:\WINDOWS\temp\6.tmp moved successfully.
C:\WINDOWS\temp\7.tmp moved successfully.
C:\WINDOWS\temp\8.tmp moved successfully.
C:\WINDOWS\temp\9.tmp moved successfully.
C:\WINDOWS\temp\A.tmp moved successfully.
C:\WINDOWS\temp\B.tmp moved successfully.
C:\WINDOWS\temp\D.tmp moved successfully.
C:\Documents and Settings\All Users\Data Aplikací\.zreglib moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.DOLNI
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Cernopolak
->Temp folder emptied: 43579921 bytes
->Temporary Internet Files folder emptied: 23323896 bytes
->Java cache emptied: 3442 bytes
->Opera cache emptied: 22364355 bytes
->Flash cache emptied: 28410 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: DOLNM

User: Dolní
->Temp folder emptied: 6551 bytes
->Temporary Internet Files folder emptied: 85370 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 5955300 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1155 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 2158288 bytes
->Flash cache emptied: 615 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 88357 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 93,00 mb


[EMPTYFLASH]

User: Administrator

User: Administrator.DOLNI

User: All Users

User: Cernopolak
->Flash cache emptied: 0 bytes

User: Default User

User: DOLNM

User: Dolní
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.31.0 log created on 12132011_175137

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

rokony
Visitor
Posts: 67
Joined: 02 Nov 2011 18:09

Re: For Motji...

#26 Post by rokony »

Could the fault be in the hard disk or the controller? It is terribly slow; please have a look at the graph in the attachment.
Thank you!
Attachments
Z HD TUNE.jpg (119.83 KiB) Viewed 1686 times

rokony
Visitor
Posts: 67
Joined: 02 Nov 2011 18:09

Re: For Motji...

#27 Post by rokony »

And here are the parameters...
I had Windows run its disk check with automatic repair, and one user profile stopped starting; the other one works. Only the wallpaper comes up, without icons, and nothing more. I switch users via Task Manager and everything is OK there. :(
Attachments
HD parametry.jpg (139.92 KiB) Viewed 1679 times

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: For Motji...

#28 Post by motji »

Please post the log directly from Crystal.

rokony
Visitor
Posts: 67
Joined: 02 Nov 2011 18:09

Re: For Motji...

#29 Post by rokony »

It doesn't look bad.


----------------------------------------------------------------------------
CrystalDiskInfo 4.1.4 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2011/12/15 18:12:46

-- Controller Map ----------------------------------------------------------
+ Řadič SiS rozhraní IDE ke sběrnici PCI [ATA]
- Primární kanál IDE (0)
+ Sekundární kanál IDE (1)
- TSSTcorp CDDVDW SH-S202N
- Maxtor 6E040L0

-- Disk List ---------------------------------------------------------------
(1) Maxtor 6E040L0 : 41.1 GB [0-1-0, pd1]

----------------------------------------------------------------------------
(1) Maxtor 6E040L0
----------------------------------------------------------------------------
Model : Maxtor 6E040L0
Firmware : NAR61EA0
Serial Number : E10G9SMN
Disk Size : 41.1 GB (8.4/41.1/----)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 80293248
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : Ultra DMA/133
Power On Hours : 204 hod. (?)
Power On Count : 5838 krát
Temparature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM
APM Level : 0000h [OFF]
AAM Level : C0FEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
03 220 219 _63 00000000326D Čas na roztočení ploten
04 252 252 __0 000000000ED1 Počet spuštění/zastavení
05 253 253 _63 000000000000 Počet přemapovaných sektorů
06 253 253 100 000000000000 Počet dosáhnutí konce při čtení
07 253 252 __0 000000000000 Počet chybných hledání
08 246 242 187 0000000088D9 Čas potřebný na vyhledání
09 240 240 __0 00000000300A Hodin v činnosti
0A 253 252 157 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 253 252 223 000000000000 Počet pokusů o překalibrování
0C 239 239 __0 0000000016CE Počet cyklů zapnutí zařízení
C0 250 250 __0 000000000BA7 Počet vypnutí disku
C1 251 251 __0 00000000213F Počet cyklů načítání/vymazání
C2 253 253 __0 000000000020 Teplota
C3 253 252 __0 000000007B61 Počet oprav chybného čtení
C4 253 253 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 253 253 __0 000000000000 Počet podezřelých sektorů
C6 253 253 __0 000000000000 Počet neopravitelných sektorů
C7 197 __1 __0 0000000001BF Počet chyb v kontrolním součtu UltraDMA
C8 253 252 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 252 __0 000000000000 Počet chyb při čtení programů z disku
CA 253 252 __0 000000000000 Počet chyb při směrování údajů
CB 253 252 180 000000000003 Počet chyb v kódech na opravu chyb
CC 253 252 __0 000000000000 Počet softvérově opravených chyb v opravných kódech
CD 253 252 __0 000000000000 Počet chyb způsobených vysokou teplotou
CF 253 252 __0 000000000000 Množství napětí potřebného na roztočení disku
D0 253 252 __0 000000000000 Počet vyslaných impulzů na roztočení disku při nedostatečném napájení
D1 190 190 __0 000000000000 Výkon při vyhledávaní na disku při interních testech disku
63 253 253 __0 000000000000 Neznámý
64 253 253 __0 000000000000 Neznámý
65 253 253 __0 000000000000 Neznámý


motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: For Motji...

#30 Post by motji »

But this isn't quite right :?:
C7 197 __1 __0 0000000001BF Počet chyb v kontrolním součtu UltraDMA

Have a look at the data cable, to see whether it is perhaps twisted or damaged...