Prosim o kontrolu pc

Zpráva

CatCathy · #1 Příspěvek od **CatCathy** » 26 pro 2011 04:37

Pohodove svatky vsem!
Mam malou prosbu - pres svatky jsem u rodicu a poprosili me o pomoc s jejich pc je nejake pomalejsi a jestli je vse v poradku - provedla jsem kompletni kontrolu antivirem - maji Avast verzi pro domaci pouziti - nasel nejake viry win32 - vse jsem odstranila.

Log RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2011-12-26 01:47:46
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 39 GB (65%) free of 60 GB
Total RAM: 894 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:48:10, on 26.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
D:\HRY\DAEMON Tools Lite\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\LevelOne\Common\RaUI.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\programy\uklid pc\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe
C:\WINDOWS\system32\msfeedssync.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\HRY\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PCSpeedUp] "C:\Program Files\Zrychleni Pocitace\PCSpeedUp.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IMVU.lnk = ?
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: LevelOne Wireless Utility.lnk = C:\Program Files\LevelOne\Common\RaUI.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Uživatel\Nabídka Start\Programy\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F51C9AF3-F5AD-4B56-A9FE-07138A0B86C1}: NameServer = 212.80.66.7,82.100.61.254
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 8145 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{59763835-7CA5-47A9-AF15-33398A318979}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default

prefs.js - "browser.startup.homepage" - "http://www.centrum.cz"
prefs.js - "extensions.enabledItems" - "{90b49673-5506-483e-b92b-ca0265bd9ca8}:2.7.2.0, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2612669&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutRights.js
aboutRobots.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{90b49673-5506-483e-b92b-ca0265bd9ca8}

C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-11 342192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll [2011-12-11 1003576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-11 342192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2006-06-21 35328]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-05-15 1628208]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-05-15 1057328]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-11-28 3744552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe [2007-10-23 443968]
"DAEMON Tools Lite"=D:\HRY\DAEMON Tools Lite\daemon.exe [2008-07-04 486856]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"PCSpeedUp"=C:\Program Files\Zrychleni Pocitace\PCSpeedUp.exe []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
LevelOne Wireless Utility.lnk - C:\Program Files\LevelOne\Common\RaUI.exe

C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění
IMVU.lnk - C:\Documents and Settings\Uživatel\Data aplikací\IMVUClient\IMVUQualityAgent.exe
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-06-15 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\ICQ6\ICQ.exe"="D:\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"D:\HRY\vietcong.exe"="D:\HRY\vietcong.exe:*:Disabled:vietcong"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"D:\ICQ6.5\ICQ.exe"="D:\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Kyodai Mahjongg 2006\kmj.exe"="C:\Program Files\Kyodai Mahjongg 2006\kmj.exe:*:Disabled:Kyodai Mahjongg"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=L3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.DIV3"=DivXc32.dll
"vidc.DIV4"=DivXc32f.dll
"msacm.divxa32"=DivXa32.acm
"vidc.DIVX"=DivX.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.HFYU"=huffyuv.dll
"vidc.ffds"=C:\Program Files\ffdshow\ffdshow.ax
"VIDC.YV12"=divx.dll
"msacm.lhacm"=lhacm.acm
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-12-26 01:47:47 ----D---- C:\Program Files\trend micro
2011-12-26 01:47:46 ----D---- C:\rsit
2011-12-26 00:13:26 ----D---- C:\programy
2011-12-15 04:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-15 04:37:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-15 04:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-15 04:33:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-15 04:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-15 04:33:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-15 04:33:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$

======List of files/folders modified in the last 1 month======

2011-12-26 01:48:06 ----D---- C:\WINDOWS\Prefetch
2011-12-26 01:47:47 ----RD---- C:\Program Files
2011-12-26 01:43:48 ----D---- C:\WINDOWS\Temp
2011-12-26 01:43:26 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\OpenOffice.org2
2011-12-26 00:16:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-12-26 00:16:34 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-26 00:13:49 ----AC---- C:\WINDOWS\wincmd.ini
2011-12-26 00:12:18 ----SHD---- C:\WINDOWS\Installer
2011-12-26 00:12:18 ----D---- C:\Config.Msi
2011-12-26 00:12:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-12-26 00:12:04 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2011-12-26 00:10:17 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-12-26 00:10:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-12-25 23:49:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-25 23:40:17 ----SD---- C:\WINDOWS\Tasks
2011-12-20 04:19:54 ----D---- C:\WINDOWS\system32
2011-12-15 13:16:32 ----D---- C:\WINDOWS
2011-12-15 04:37:39 ----HD---- C:\WINDOWS\inf
2011-12-15 04:37:27 ----A---- C:\WINDOWS\imsins.BAK
2011-12-15 04:37:07 ----D---- C:\Program Files\Internet Explorer
2011-12-15 04:36:51 ----D---- C:\WINDOWS\ie8updates
2011-12-15 04:36:44 ----HD---- C:\WINDOWS\$hf_mig$
2011-12-15 04:33:51 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-11 13:25:23 ----D---- C:\Program Files\Google
2011-12-11 13:25:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-12-10 19:34:44 ----D---- C:\Program Files\Mozilla Firefox
2011-12-06 23:30:08 ----D---- C:\WINDOWS\system32\config
2011-11-29 04:17:01 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-11-28 19:01:23 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-09-27 36560]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-07-07 717296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-05-15 37040]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-05-15 38576]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-04 20747]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-06-15 2301440]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2007-05-14 3526464]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-05-15 118576]
S3 a94kh8iw;a94kh8iw; C:\WINDOWS\system32\drivers\a94kh8iw.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2007-05-14 445696]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZDPNDIS5;ZDPNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\ZDPNDIS5.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-06-15 479232]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-05-15 1550896]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-07-20 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-07-20 189744]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-12 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-12 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-12-11 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Dale jsem nainstalovala Malwarebytes a po uplne kontrole nasel jednu hrozbu a to Trojan.backdoor
Odstranila jsem ho a vyjel mi log:
Malwarebytes' Anti-Malware
http://www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

26.12.2011 2:53:30
mbam-log-2011-12-26 (02-53-30).txt

Typ: Úplná kontrola (C:\|D:\|F:\|G:\|H:\|I:\|)
Kontrolované objekty: 224550
Uplynulý čas: 52 minut, 42 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\documents and settings\Uživatel\local settings\data aplikací\thinstall\Cache\Stubs\c6ac6327f0813d32d4936f21ac6a95e364e37a8\uruninstaller.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.

Odstranila jsem ho a projela SUPERAntispywarem a nemuzu vlozit log, protoze je zprava uz moc dlouha a nezobrazuje se, ale naslo to pouze adware tracking cookie. Prepokladam, ze bych je mela vsechny smazat.

Vyskytuje se tam neco nebezpecneho? Muze byt jeste havet nekde v PC? Jaky by mel byt nasledujici postup?
Omlouvam se, ze obtezuji behem Vanoc, ale je to tim, ze to neni muj pc.

MOC dekuji za pomoc a preji pohodove svatky.

#2 Příspěvek od **Mc_Murphy** » 26 pro 2011 07:08

Zdravím, princezno.

Dej mi minutku, hnedle se na to mrknu.

#3 Příspěvek od **Mc_Murphy** » 26 pro 2011 07:27

Položku MBAMu jsi smazala správně.

Tracking cookies dej v klidu všechny smazat.

Jinak na první pohled nic nebezpečného v logu nevidím, ale odstraníme nějaké zbytečnosti a PC Tvých rodičů pročistíme, OK?

Pokud to jde, tak v nabídce Přidat nebo odebrat programy odinstaluj Google Toolbar.

Odinstaluj také Zrychleni Pocitace - je to blbost, počítač to vůbec nezrychluje.

Následující soubory otestuj na stránkách VirusTotal.

C:\Program Files\LevelOne\Common\RaUI.exe
Klikni na Procházet.
Soubor nehledej, jen vlož cestu souboru, který chci otestovat.
Klikni na Send File.
Pokud na Tebe vyskočí obrazovka jako je níže, klikni na Reanalyse.
Výsledek analýzy mi sem vlož (jako odkaz).

Potom fixni v HJT tyto položky:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\HRY\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PCSpeedUp] "C:\Program Files\Zrychleni Pocitace\PCSpeedUp.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IMVU.lnk = ?
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Uživatel\Nabídka Start\Programy\IMVU\Run IMVU.lnk (file missing)

"Fixnout" znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
HJT najdeš zde: C:\Program Files\trend micro\Uživatel.exe

A ještě poprosím o log z OTL.

Stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů!
Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

CREATERESTOREPOINT

netsvc
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s

reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko [Prohledat].
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

CatCathy · #4 Příspěvek od **CatCathy** » 26 pro 2011 12:58

MOC MOC MOC MOC dekuju za pomoc!!!!!

odkaz na virus total:
http://www.virustotal.com/file-scan/rep ... 1324898342

HJT provedeno, aktualne pracuje OTL, jak vyjedou logy, hned je pridam.

Jinak Zrychleni pocitace se vubec nezobrazuje v nabidce Pridat/odebrat programy, ani v nabidce programu, je mozne, ze neni nainstalovane a mam tedy jenom smazat celou jeho slozku?

Dekuji a preji pohodovy svatecni den

#5 Příspěvek od **Mc_Murphy** » 26 pro 2011 13:00

Není vůbec zač.

Virus Total je v pořádku, soubor je čistý.

Počkám si na to OTL.

#6 Příspěvek od **Mc_Murphy** » 26 pro 2011 13:02

Ano, v HJT fixni tento řádek:
O4 - HKCU\..\Run: [PCSpeedUp] "C:\Program Files\Zrychleni Pocitace\PCSpeedUp.exe"
a složku C:\Program Files\Zrychleni Pocitace smaž.

CatCathy · #7 Příspěvek od **CatCathy** » 26 pro 2011 13:22

OTL logfile created on: 26.12.2011 12:52:12 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Uživatel\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

894,42 Mb Total Physical Memory | 349,20 Mb Available Physical Memory | 39,04% Memory free
2,12 Gb Paging File | 1,45 Gb Available in Paging File | 68,46% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 37,43 Gb Free Space | 63,88% Space Free | Partition Type: NTFS
Drive D: | 90,45 Gb Total Space | 82,97 Gb Free Space | 91,73% Space Free | Partition Type: NTFS

Computer Name: PC-8F78D4E35003 | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.12.26 12:45:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
PRC - [2011.12.09 01:44:22 | 004,616,064 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.11.15 02:00:10 | 002,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
PRC - [2007.11.15 02:00:10 | 002,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
PRC - [2007.05.15 14:55:46 | 001,550,896 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
PRC - [2007.05.15 14:55:26 | 001,057,328 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
PRC - [2005.12.22 19:07:36 | 000,585,728 | ---- | M] (Digital Data Communications Co., Ltd.) -- C:\Program Files\LevelOne\Common\RaUI.exe

========== Modules (No Company Name) ==========

MOD - [2011.12.26 12:19:56 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011.12.26 12:19:56 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011.12.26 11:13:19 | 001,656,832 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11122600\algo.dll
MOD - [2011.12.26 03:29:29 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011.12.26 03:29:28 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011.12.25 19:22:26 | 001,656,832 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11122501\algo.dll
MOD - [2011.12.20 00:49:56 | 000,241,528 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11122600\aswRep.dll
MOD - [2011.12.20 00:49:56 | 000,241,528 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11122501\aswRep.dll
MOD - [2011.10.14 08:53:09 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
MOD - [2011.10.13 21:48:23 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.13 21:45:56 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.13 21:45:48 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.13 21:45:23 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.13 12:06:48 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.13 12:05:59 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.10.13 12:04:41 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2011.10.13 12:04:38 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2008.04.03 17:42:27 | 000,233,472 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2721.36826__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.04.03 17:42:27 | 000,184,320 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2721.36883__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.04.03 17:42:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2721.36860__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.04.03 17:42:26 | 001,675,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2721.36868__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008.04.03 17:42:26 | 000,684,032 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2721.37064__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2008.04.03 17:42:26 | 000,360,448 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2721.37092__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008.04.03 17:42:26 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2721.37084__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.04.03 17:42:26 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2721.37043__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.04.03 17:42:26 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2721.36882__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2008.04.03 17:42:26 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2721.36981__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008.04.03 17:42:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2721.36846__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008.04.03 17:42:25 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2721.37121__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.04.03 17:42:01 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2721.36840__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.04.03 17:42:00 | 000,331,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2721.37050__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008.04.03 17:42:00 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2721.37126__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.04.03 17:42:00 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.2721.36875__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2008.04.03 17:42:00 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2721.37056__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.04.03 17:42:00 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2721.37049__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008.04.03 17:42:00 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.2721.36874__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2008.04.03 17:41:59 | 000,897,024 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2721.37086__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008.04.03 17:41:59 | 000,790,528 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2721.36990__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008.04.03 17:41:59 | 000,585,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2721.36896__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008.04.03 17:41:59 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2721.36847__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008.04.03 17:41:59 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2721.37070__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008.04.03 17:41:59 | 000,208,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2721.36889__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.04.03 17:41:59 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2721.37009__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008.04.03 17:41:59 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2721.36989__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008.04.03 17:41:59 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2721.36902__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008.04.03 17:41:59 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2721.37008__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008.04.03 17:41:58 | 000,659,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2721.37044__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2008.04.03 17:41:58 | 000,475,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2721.36982__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.04.03 17:41:58 | 000,327,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2721.36975__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008.04.03 17:41:58 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2721.36981__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.04.03 17:41:58 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2721.36989__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.04.03 17:41:58 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2721.37029__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.04.03 17:41:58 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2700.34701__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.04.03 17:41:58 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2700.34689__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.04.03 17:41:58 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2700.34750__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.04.03 17:41:58 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2700.34706__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.04.03 17:41:58 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2700.34739__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.04.03 17:41:58 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.04.03 17:41:57 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2700.34674__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.04.03 17:41:57 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2700.34697__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.04.03 17:41:57 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2700.34727__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.04.03 17:41:57 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.04.03 17:41:57 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2700.34759__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.04.03 17:41:57 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2700.34671__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.04.03 17:41:57 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2700.34808__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.04.03 17:41:57 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2700.34680__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.04.03 17:41:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2700.34751__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.04.03 17:41:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2700.34705__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.04.03 17:41:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2700.34694__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.04.03 17:41:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2700.34686__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.04.03 17:41:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2700.34714__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2008.04.03 17:41:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2700.34703__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.04.03 17:41:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2700.34718__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.04.03 17:41:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2700.34754__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.04.03 17:41:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.04.03 17:41:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2700.34702__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.04.03 17:41:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2700.34713__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.04.03 17:41:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2700.34729__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2700.34728__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2700.34714__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2700.34722__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2705.19134__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2700.34721__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2700.34726__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2700.34709__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2700.34716__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2700.34721__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2700.34724__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2700.34708__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2700.34672__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008.04.03 17:41:56 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2700.34717__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008.04.03 17:41:56 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2700.34704__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.04.03 17:41:56 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2700.34697__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.04.03 17:41:50 | 000,086,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2721.37099_cs_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2008.04.03 17:41:50 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2721.37150__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.04.03 17:41:50 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2721.36817__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008.04.03 17:41:49 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2721.36855__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.04.03 17:41:49 | 000,446,464 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2721.37099__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008.04.03 17:41:49 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2721.37107__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.04.03 17:41:49 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2721.36818__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.04.03 17:41:49 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2721.37106__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.04.03 17:41:49 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2700.34690__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.04.03 17:41:49 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2700.34706__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.04.03 17:41:49 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2700.34681__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.04.03 17:41:49 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2700.34752__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.04.03 17:41:49 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2700.34708__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.04.03 17:41:49 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2700.34711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.04.03 17:41:48 | 001,503,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2721.36834__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.04.03 17:41:48 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2721.36819__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.04.03 17:41:48 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.2721.36818__90ba9c70f846762e\APM.Server.dll
MOD - [2008.04.03 17:41:48 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2721.36817__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.04.03 17:41:48 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2700.34698__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.04.03 17:41:48 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2721.37107__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.04.03 17:41:48 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008.04.03 17:41:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2700.34740__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2007.11.14 10:37:46 | 000,828,416 | ---- | M] () -- C:\Program Files\OpenOffice.org 2.3\program\libxml2.dll
MOD - [2006.09.14 16:29:48 | 000,315,392 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2006.09.13 23:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2007.05.15 14:55:46 | 001,550,896 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)

========== Driver Services (SafeList) ==========

DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009.07.20 21:04:52 | 000,139,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2008.07.07 14:40:18 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.03 17:47:54 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2007.06.15 02:58:56 | 002,301,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.05.15 14:55:36 | 000,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007.05.15 14:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007.05.15 14:55:36 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007.05.14 19:03:24 | 000,445,696 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2007.05.14 02:12:00 | 003,526,464 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService)
DRV - [2007.05.10 10:28:00 | 004,419,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.12.14 09:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.06.18 22:59:28 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.01.14 10:30:00 | 000,017,151 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDPNDIS5.sys -- (ZDPNDIS5)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-515967899-1085031214-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-515967899-1085031214-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-515967899-1085031214-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-515967899-1085031214-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-515967899-1085031214-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-515967899-1085031214-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-515967899-1085031214-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-515967899-1085031214-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-515967899-1085031214-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "IMVU Inc Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "IMVU Inc Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.centrum.cz"
FF - prefs.js..extensions.enabledItems: {90b49673-5506-483e-b92b-ca0265bd9ca8}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... 2612669&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.03 17:56:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.20 06:11:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2011.02.11 15:30:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Extensions
[2011.02.11 15:30:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2011.12.10 19:34:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\extensions
[2010.08.12 17:57:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.12 17:56:59 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.02.11 15:31:02 | 000,000,000 | ---D | M] (IMVU Inc Toolbar) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
[2011.01.17 14:46:12 | 000,000,919 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\searchplugins\conduit.xml
[2011.12.10 19:34:45 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\searchplugins\icqplugin-1.xml
[2010.01.19 16:43:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\searchplugins\icqplugin-2.xml
[2010.12.28 00:24:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\searchplugins\icqplugin-3.xml
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\searchplugins\icqplugin.xml
[2011.12.10 19:34:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.19 16:38:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.05.22 16:40:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.26 03:33:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.25 07:22:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.22 10:39:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.23 14:28:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.23 05:11:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.10.24 06:49:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.03 17:56:23 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.07.03 17:56:23 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2010.07.03 17:56:23 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.07.03 17:56:23 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.07.03 17:56:23 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Seznam (Enabled)
CHR - default_search_provider: search_url = http://search.seznam.cz/?q={searchTerms}
CHR - default_search_provider: suggest_url = http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Gmail = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2010.08.12 17:51:40 | 000,416,622 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14381 more lines...
O3 - HKU\S-1-5-21-515967899-1085031214-725345543-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-1085031214-725345543-1004\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-1085031214-725345543-1004\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-1085031214-725345543-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKU\S-1-5-21-515967899-1085031214-725345543-1004..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\LevelOne Wireless Utility.lnk = C:\Program Files\LevelOne\Common\RaUI.exe (Digital Data Communications Co., Ltd.)
O4 - Startup: C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění\IMVU.lnk = File not found
O4 - Startup: C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-1085031214-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E873B9C-E020-4825-B469-7D8411203F42}: DhcpNameServer = 212.80.66.7 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F51C9AF3-F5AD-4B56-A9FE-07138A0B86C1}: NameServer = 212.80.66.7,82.100.61.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.03 17:10:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\DivXa32.acm (Hacked With Joy !)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIV3 - C:\WINDOWS\System32\DivXc32.dll (Hacked with Joy !)
Drivers32: vidc.DIV4 - C:\WINDOWS\System32\DivXc32f.dll (Hacked with Joy !)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: vidc.ffds - C:\Program Files\ffdshow\ffdshow.ax ()
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\HUFFYUV.DLL (Disappearing Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.12.26 12:45:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
[2011.12.26 03:29:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Data aplikací\SUPERAntiSpyware.com
[2011.12.26 03:28:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
[2011.12.26 03:28:35 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011.12.26 01:53:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Data aplikací\Malwarebytes
[2011.12.26 01:53:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.12.26 01:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.12.26 01:47:46 | 000,000,000 | ---D | C] -- C:\rsit
[2011.12.26 00:13:26 | 000,000,000 | ---D | C] -- C:\programy
[2011.12.11 13:26:00 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.12.26 12:54:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.26 12:45:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
[2011.12.26 12:20:06 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.26 12:19:01 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.26 12:18:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.26 08:11:56 | 000,000,472 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{59763835-7CA5-47A9-AF15-33398A318979}.job
[2011.12.26 04:40:35 | 000,025,222 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\popis.odt
[2011.12.26 03:28:40 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\SUPERAntiSpyware Free Edition.lnk
[2011.12.26 00:13:49 | 000,000,655 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.12.24 18:54:26 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.15 13:14:55 | 000,107,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.15 04:37:39 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.12.11 13:26:00 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.11.30 22:43:38 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.11.29 04:17:01 | 000,432,928 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.11.29 04:17:01 | 000,429,460 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.11.29 04:17:01 | 000,078,488 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.11.29 04:17:01 | 000,067,884 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.11.28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011.11.28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011.11.28 18:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.26 12:54:51 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.12.26 03:28:40 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\SUPERAntiSpyware Free Edition.lnk
[2011.12.26 02:56:18 | 000,025,222 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\popis.odt
[2010.12.11 08:12:52 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.10.11 23:57:45 | 000,065,192 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.07.20 18:05:18 | 000,139,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.07.20 18:05:09 | 000,189,744 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009.07.20 18:04:58 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008.12.26 11:46:34 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008.07.07 17:27:47 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.05.31 11:04:22 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.04.27 10:47:54 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.04.04 11:23:18 | 000,311,296 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2008.04.04 11:23:18 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2008.04.04 11:23:18 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt73.bin
[2008.04.04 11:01:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
[2008.04.04 11:01:31 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2008.04.04 07:52:39 | 000,033,533 | ---- | C] () -- C:\WINDOWS\System32\CoreVorbis-uninstall.exe
[2008.04.04 07:52:37 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe
[2008.04.04 07:52:28 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2008.04.04 07:52:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2008.04.04 07:52:10 | 000,001,682 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008.04.04 07:52:10 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\58E0D8B9D4.sys
[2008.04.04 07:30:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008.04.03 18:29:09 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.04.03 18:26:18 | 000,107,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.04.03 17:46:21 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008.04.03 17:37:15 | 000,972,072 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008.04.03 17:37:14 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008.04.03 17:37:13 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008.04.03 17:37:13 | 000,149,278 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008.04.03 17:13:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.04.03 17:08:11 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.04.03 12:07:13 | 000,000,655 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2006.03.02 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.03.02 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.02 13:00:00 | 000,432,928 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.02 13:00:00 | 000,429,460 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006.03.02 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.02 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2006.03.02 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.02 13:00:00 | 000,078,488 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006.03.02 13:00:00 | 000,067,884 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.02 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.02 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2006.03.02 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.02 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.02 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.03.02 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.02 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.12.20 10:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004.12.20 10:03:26 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004.09.01 16:49:17 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2002.10.06 19:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002.10.05 00:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 00:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 00:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll

========== LOP Check ==========

[2010.08.12 03:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2011.10.24 06:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ask
[2009.04.18 21:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avg7
[2009.05.18 16:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.11.14 13:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.03.20 12:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TrackMania
[2008.07.07 14:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\DAEMON Tools
[2008.05.17 21:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\flightgear.org
[2008.05.17 21:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\fltk.org
[2011.02.02 17:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ICQ
[2008.05.03 18:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ICQ Toolbar
[2010.07.23 11:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\TeamViewer
[2009.06.27 14:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall
[2011.12.26 08:11:56 | 000,000,472 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{59763835-7CA5-47A9-AF15-33398A318979}.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< netsvc >

< >

< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.10.13 19:15:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.10.13 19:15:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.10.13 19:15:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.10.13 19:15:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.10.13 19:15:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.10.13 19:15:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.03.02 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 18:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[92 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.04.06 15:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Adobe
[2008.04.15 11:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Ahead
[2008.04.03 17:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ATI
[2008.05.04 15:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\CyberLink
[2008.07.07 14:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\DAEMON Tools
[2008.05.17 21:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\flightgear.org
[2008.05.17 21:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\fltk.org
[2008.08.05 16:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Google
[2009.12.27 12:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Help
[2011.02.02 17:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ICQ
[2008.05.03 18:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ICQ Toolbar
[2008.04.03 17:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Identities
[2008.04.03 17:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\InstallShield
[2008.04.06 13:29:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Macromedia
[2011.12.26 01:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Malwarebytes
[2010.10.13 06:28:57 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft
[2010.07.01 21:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla
[2011.12.26 12:19:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\OpenOffice.org2
[2011.12.26 00:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Skype
[2011.07.11 03:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\skypePM
[2008.04.06 12:00:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Sun
[2011.12.26 03:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\SUPERAntiSpyware.com
[2009.10.16 14:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\teamspeak2
[2010.07.23 11:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\TeamViewer
[2009.06.27 14:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall

< %APPDATA%\*.exe /s >
[2008.04.06 15:03:14 | 001,523,040 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Uživatel\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2008.04.03 17:41:39 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{024729A3-6BE9-F0DD-E6C4-A95CF7159A1C}\ARPPRODUCTICON.exe
[2008.04.03 17:41:04 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{03E26CB2-2D09-EE9E-7C42-F9EDDBA61292}\ARPPRODUCTICON.exe
[2008.04.03 17:41:23 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{17F2ACCF-309D-2B41-3D40-A3F569F57EDA}\ARPPRODUCTICON.exe
[2008.04.03 17:41:27 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{1D893CF9-2C8D-3B98-457D-EB5F3578BC30}\ARPPRODUCTICON.exe
[2008.04.03 17:40:49 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{2105D2A8-6360-6AB2-1889-95286C9E1757}\ARPPRODUCTICON.exe
[2008.04.03 17:41:00 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{2B0838A1-05EB-A135-550A-84CE19A4FB8B}\ARPPRODUCTICON.exe
[2008.04.03 17:41:43 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{32A41613-DBF2-8AD3-244C-E9CC9C9B630D}\ARPPRODUCTICON.exe
[2008.04.03 17:41:35 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{39C3617A-C7AC-EDF0-DD71-77A1AF8ACD4B}\ARPPRODUCTICON.exe
[2008.04.03 17:41:22 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{41C77DAD-7A71-9108-442A-0D134D75AF48}\ARPPRODUCTICON.exe
[2008.04.03 17:41:26 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{4413D70B-5617-3718-B3DB-E83E9F2A20C9}\ARPPRODUCTICON.exe
[2008.04.03 17:41:21 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{450DA020-DB18-E288-31C3-3B3F872A776E}\ARPPRODUCTICON.exe
[2008.04.03 17:41:05 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{4E544E75-4FC7-5224-9C37-3D2831CDB017}\ARPPRODUCTICON.exe
[2008.04.03 17:41:37 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{62834027-0A20-19E2-8ADA-8AC11DA07723}\ARPPRODUCTICON.exe
[2008.04.03 17:41:41 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{63A9FB11-2708-7EAE-4AE4-765115E4151D}\ARPPRODUCTICON.exe
[2008.04.03 17:41:10 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{66CB0251-AB0E-5D30-4A04-7C9F9F26B7EE}\ARPPRODUCTICON.exe
[2008.04.03 17:41:29 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{68C37F3D-2038-A60A-3DC4-60CAC421CF15}\ARPPRODUCTICON.exe
[2008.04.03 17:41:42 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{6A1DA78D-8895-3411-5954-3DE90EB4839A}\ARPPRODUCTICON.exe
[2008.04.03 17:40:43 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{6E9087C5-4D61-8AE6-0972-3C7A0BAC64D7}\ARPPRODUCTICON.exe
[2008.04.03 17:41:19 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{706A3FF0-1EA1-3FF0-69A5-DE0B22F5230A}\ARPPRODUCTICON.exe
[2008.04.03 17:40:42 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{77E033C3-D3EB-ECAA-7815-2C7DBBDF1AF3}\ARPPRODUCTICON.exe
[2008.04.03 17:41:38 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{78F4F3F8-6ED5-34AD-CAD2-AC6127729138}\ARPPRODUCTICON.exe
[2008.04.03 17:41:34 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{7CC7F961-1F31-39AD-8423-8E9220676B2E}\ARPPRODUCTICON.exe
[2008.04.03 17:41:33 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{889BCCBD-8C77-8D09-9BDF-DE6210E70AF2}\ARPPRODUCTICON.exe
[2008.04.03 17:40:40 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{8AF1BF2B-FA5E-1A95-60DB-F28CB2070FBC}\ARPPRODUCTICON.exe
[2008.04.03 17:40:45 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{8BEA6A31-651C-C4DC-E174-561BB14120B3}\ARPPRODUCTICON.exe
[2008.04.03 17:41:07 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{948B21FA-48AF-AA3E-9770-02625F0108AC}\ARPPRODUCTICON.exe
[2008.04.03 17:41:15 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{972826C4-7E9D-F0DA-1EA9-B2D223722370}\ARPPRODUCTICON.exe
[2008.04.03 17:40:47 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{98E8285F-6B11-4ABD-15BA-2A369C3FDD86}\ARPPRODUCTICON.exe
[2008.04.03 17:41:17 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{A0794C57-D8F2-5423-CA67-384D45EB382B}\ARPPRODUCTICON.exe
[2008.04.03 17:41:25 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{A41A8666-3EC8-51B2-2927-493FBA5CE2B5}\ARPPRODUCTICON.exe
[2008.04.03 17:41:09 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{A828F8F2-BD8C-6F85-7280-0D252D34AC5D}\ARPPRODUCTICON.exe
[2008.04.03 17:41:30 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{B2F2C082-77FD-6C2C-2EC8-FBB852B8B51A}\ARPPRODUCTICON.exe
[2008.04.03 17:40:18 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{BA235311-3EA5-83C7-F0E4-3FFED48A3110}\ARPPRODUCTICON.exe
[2008.04.03 17:41:31 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{BFB450D8-BCCB-C608-C2D3-2F863B0A1A09}\ARPPRODUCTICON.exe
[2008.04.03 17:41:12 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{D2C811DF-7927-A826-DD0A-F4BD7756A09B}\ARPPRODUCTICON.exe
[2008.04.03 17:41:14 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{D30125D5-23F3-BD39-DE6B-6483E21F34C1}\ARPPRODUCTICON.exe
[2008.04.03 17:41:02 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{D6D2D227-3431-82D1-08CA-D48F7D5B12FF}\ARPPRODUCTICON.exe
[2008.04.03 17:40:59 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{D7CC2103-F5A3-E151-F2E9-C94513A47F3F}\ARPPRODUCTICON.exe
[2008.04.03 17:41:18 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{ECDD7BD7-AA20-A0EC-C91A-34FDB52E171B}\ARPPRODUCTICON.exe
[2008.04.03 17:40:53 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{F5461972-F6A5-853A-1B4B-F5AD2CB78A89}\ARPPRODUCTICON.exe
[2008.04.03 17:40:57 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{F7B37275-A11B-0B97-6F69-038E9569002E}\ARPPRODUCTICON.exe
[2008.04.03 17:40:38 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{FF04C032-D077-4E74-4BBD-B44B0C82CD2D}\ARPPRODUCTICON.exe
[2009.02.06 13:19:56 | 000,068,520 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\callmsi.exe
[2009.02.06 13:20:52 | 000,245,680 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\ecls.exe
[2009.02.06 13:21:16 | 000,060,280 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\ecmd.exe
[2009.02.06 13:21:54 | 000,064,400 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\eeclnt.exe
[2009.02.06 13:23:12 | 002,021,400 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\egui.exe
[2009.02.06 13:27:06 | 000,020,680 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
[2009.02.06 13:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\ekrn.exe
[2009.02.06 13:29:14 | 000,657,680 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\SysInspector.exe
[2009.02.06 13:29:32 | 000,896,640 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\SysRescue.exe

CatCathy · #8 Příspěvek od **CatCathy** » 26 pro 2011 13:23

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2011.12.26 12:19:01 | 000,000,940 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2011.12.26 12:20:06 | 000,000,944 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011.12.26 08:11:56 | 000,000,472 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{59763835-7CA5-47A9-AF15-33398A318979}.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.07.07 14:40:18 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008.04.03 18:25:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.04.03 18:25:18 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.04.03 18:25:18 | 000,471,040 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.12.24 18:54:26 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %userprofile%\Plocha\*.* >
[2011.01.22 01:28:41 | 005,863,936 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\80-90 leta.pps
[2011.09.24 23:31:17 | 981,609,594 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\Ani-svati-ani-andele-Cesky-film-2010--stendli.avi
[2008.04.04 07:55:47 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\BSplayer.lnk
[2008.04.04 16:13:09 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\Internet.lnk
[2008.04.06 12:41:54 | 000,000,659 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\Kyodai Mahjongg.lnk
[2011.12.26 12:45:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
[2011.12.26 04:40:35 | 000,025,222 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\popis.odt
[2008.04.06 12:05:48 | 000,001,491 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\Solitaire.lnk
[2011.04.13 19:13:17 | 000,267,264 | -HS- | M] () -- C:\Documents and Settings\Uživatel\Plocha\Thumbs.db
[2008.04.03 12:07:14 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\Total Commander.lnk

< %userprofile%\Desktop\*.* >

< %ALLUSERSPROFILE%\Plocha\*.* >
[2010.08.12 03:45:36 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2008.04.04 09:14:48 | 000,001,721 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CyberLink DVD Suite.lnk
[2008.07.07 14:56:49 | 000,000,557 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2008.04.04 09:07:46 | 000,002,369 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nero StartSmart Essentials.lnk
[2008.04.04 07:48:55 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Picasa2.lnk
[2011.12.26 03:28:40 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\SUPERAntiSpyware Free Edition.lnk
[2008.04.04 07:48:24 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Winamp.lnk

< %ALLUSERSPROFILE%\Desktop\*.* >

< *crack* /s >
[2003.12.05 13:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped

< *keygen* /s >

< *loader* /s >
[2010.08.01 12:02:38 | 000,000,060 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\Macromedia\Flash Player\#SharedObjects\3XBCZQ2U\bombahry.cz\ava\games\minicliprally.swf\MiniclipLoaderAd.sol
[2011.12.25 14:19:05 | 000,000,121 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\Macromedia\Flash Player\#SharedObjects\3XBCZQ2U\fr-advideum.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2010.07.31 21:42:25 | 000,000,060 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\Macromedia\Flash Player\#SharedObjects\3XBCZQ2U\lepsihry.cz\_data\data\49\49a2f8d1f0ab.swf\MiniclipLoaderAd.sol
[2010.02.13 11:42:49 | 000,000,060 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\Macromedia\Flash Player\#SharedObjects\3XBCZQ2U\miniclip.com\games\air-barons\en\air_barons.dcr\MiniclipLoaderAd.sol
[2010.02.13 12:51:52 | 000,000,060 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\Macromedia\Flash Player\#SharedObjects\3XBCZQ2U\miniclip.com\games\masters-of-wrestling\en\master_of_wrestling.dcr\MiniclipLoaderAd.sol
[2010.04.03 15:28:48 | 000,000,060 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\Macromedia\Flash Player\#SharedObjects\3XBCZQ2U\miniclip.com\games\milk-shake\en\milk_shake.dcr\MiniclipLoaderAd.sol
[2008.11.01 14:54:57 | 000,000,060 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\Macromedia\Flash Player\#SharedObjects\3XBCZQ2U\miniclip.com\games\moon-rush\en\moonrush.dcr\MiniclipLoaderAd.sol
[2008.04.22 12:47:23 | 000,000,060 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\Macromedia\Flash Player\#SharedObjects\3XBCZQ2U\miniclip.com\games\sportbike-sprint\en\sportbike_sprint.dcr\MiniclipLoaderAd.sol
[2010.04.03 15:13:38 | 000,000,060 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\Macromedia\Flash Player\#SharedObjects\3XBCZQ2U\miniclip.com\games\tennis-grand-slam\en\tennis_grand_slam.dcr\MiniclipLoaderAd.sol
[2010.12.02 21:41:51 | 000,000,060 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\Macromedia\Flash Player\#SharedObjects\3XBCZQ2U\superflashhry.cz\swf\game_225.swf\MiniclipLoaderAd.sol
[2008.06.06 21:17:36 | 000,000,060 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\Macromedia\Flash Player\#SharedObjects\3XBCZQ2U\tophry.net\games\307.swf\MiniclipLoaderAd.sol
[2011.12.26 12:22:09 | 000,000,905 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\5GB7P8L3\TooltipLoader[1].css
[2011.12.26 12:22:09 | 000,014,290 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\5GB7P8L3\TooltipLoader[1].js
[2011.12.26 00:12:42 | 000,003,208 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\GZTECWI2\ajax-loader[1].gif
[2011.12.26 12:27:25 | 000,008,017 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\OG3F512P\loader[1].gif
[2011.12.26 02:45:46 | 000,000,735 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\OG3F512P\loader[1].js
[2011.12.26 02:40:57 | 000,000,723 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\TI9771NZ\preloader[1].gif
[2010.12.15 06:52:46 | 000,003,574 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\U4PO394D\preloader[1].gif
[2011.12.26 02:40:57 | 000,002,545 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\XEKALSIP\loader[1].gif
[2007.05.08 18:46:20 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2010.11.14 13:35:49 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.11.14 13:35:48 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.11.14 13:35:50 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.11.14 13:35:48 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.01.18 20:07:28 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\icq_profile\preloader.html
[2011.01.18 20:07:35 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_forms\preloader.html
[2011.01.18 20:07:39 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_lightboxs\preloader.html
[2007.11.14 10:57:58 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\javaloader.uno.dll
[2007.11.15 01:05:24 | 000,005,226 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\pythonloader.py
[2007.11.14 15:50:12 | 000,015,360 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\pythonloader.uno.dll
[2007.11.15 02:00:28 | 000,000,145 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\pythonloader.uno.ini
[2007.11.14 10:57:58 | 000,016,384 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\shlibloader.uno.dll
[2007.11.14 15:35:48 | 000,004,063 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\classes\unoloader.jar
[2005.06.07 11:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2010.10.22 12:43:22 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2008.03.14 21:57:50 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >

< *serial* /s >
[2008.08.05 18:56:41 | 000,056,563 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\X9WQW42W\serialy[1].htm
[2011.08.30 16:58:34 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.dll
[2011.10.13 12:06:39 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.ni.dll
[2007.11.14 13:42:38 | 000,188,993 | ---- | M] () -- \Program Files\OpenOffice.org 2.3\program\classes\serializer.jar
[2010.04.07 22:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2006.03.02 13:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2011.10.13 12:04:38 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.10 11:46:54 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.14 08:52:39 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.13 21:47:34 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
[2008.07.25 10:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 22:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 03:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2006.03.02 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2006.03.02 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< *AutoRearm* /s >

< >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RTHDCPL" = RTHDCPL.EXE -- [2007.05.10 10:08:00 | 016,342,528 | R--- | M] (Realtek Semiconductor Corp.)
"Alcmtr" = ALCMTR.EXE -- [2005.05.03 10:43:00 | 000,069,632 | R--- | M] (Realtek Semiconductor Corp.)
"InCD" = C:\Program Files\Nero\Nero 7\InCD\InCD.exe -- [2007.05.15 14:55:26 | 001,057,328 | ---- | M] (Nero AG)
"RemoteControl" = "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" -- [2006.11.23 14:10:42 | 000,056,928 | ---- | M] (Cyberlink Corp.)
"LanguageShortcut" = "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" -- [2006.12.05 21:55:32 | 000,054,832 | ---- | M] ()
"avast5" = C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui -- [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software)
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"" =
"Installed" = 1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"" =
"Installed" = 1
"NoChange" = 1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"" =
"Installed" = 1

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"SUPERAntiSpyware" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe -- [2011.12.09 01:44:22 | 004,616,064 | ---- | M] (SUPERAntiSpyware.com)

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >

< >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.12.26 12:54:51 | 000,000,512 | ---- | M] () MD5=77E8C755B16EA8CCCDD6571399F8BE4E -- C:\PhysicalMBR.bin

< End of report >

CatCathy · #9 Příspěvek od **CatCathy** » 26 pro 2011 13:23

extras.txt

OTL Extras logfile created on: 26.12.2011 12:52:13 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Uživatel\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

894,42 Mb Total Physical Memory | 349,20 Mb Available Physical Memory | 39,04% Memory free
2,12 Gb Paging File | 1,45 Gb Available in Paging File | 68,46% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 37,43 Gb Free Space | 63,88% Space Free | Partition Type: NTFS
Drive D: | 90,45 Gb Total Space | 82,97 Gb Free Space | 91,73% Space Free | Partition Type: NTFS

Computer Name: PC-8F78D4E35003 | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-515967899-1085031214-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\ICQ6\ICQ.exe" = D:\ICQ6\ICQ.exe:*:Enabled:ICQ6
"D:\HRY\vietcong.exe" = D:\HRY\vietcong.exe:*:Disabled:vietcong
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET
"D:\ICQ6.5\ICQ.exe" = D:\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\TmNationsForever\TmForever.exe" = C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Kyodai Mahjongg 2006\kmj.exe" = C:\Program Files\Kyodai Mahjongg 2006\kmj.exe:*:Disabled:Kyodai Mahjongg -- (Rene-Gilles Deberdt)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024729A3-6BE9-F0DD-E6C4-A95CF7159A1C}" = CCC Help Thai
"{03E26CB2-2D09-EE9E-7C42-F9EDDBA61292}" = Catalyst Control Center Localization Portuguese
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{1114F843-609B-E030-D9E9-D4BE7772B36C}" = Catalyst Control Center Localization Czech
"{17F2ACCF-309D-2B41-3D40-A3F569F57EDA}" = CCC Help Finnish
"{1D893CF9-2C8D-3B98-457D-EB5F3578BC30}" = CCC Help Italian
"{1DD34CAF-3E11-B6F8-70CD-D281DFA7CA52}" = Skins
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{2105D2A8-6360-6AB2-1889-95286C9E1757}" = Catalyst Control Center Localization Italian
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{2B0838A1-05EB-A135-550A-84CE19A4FB8B}" = Catalyst Control Center Localization Norwegian
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A41613-DBF2-8AD3-244C-E9CC9C9B630D}" = CCC Help Chinese Traditional
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{39C3617A-C7AC-EDF0-DD71-77A1AF8ACD4B}" = CCC Help Portuguese
"{39CDC80C-4330-4556-990D-1975211E2370}" = OpenOffice.org 2.3
"{39FDE6F8-5D02-EC16-967E-3D36AE3D9C4E}" = Catalyst Control Center Graphics Full Existing
"{41C77DAD-7A71-9108-442A-0D134D75AF48}" = CCC Help Spanish
"{4413D70B-5617-3718-B3DB-E83E9F2A20C9}" = CCC Help Hungarian
"{450DA020-DB18-E288-31C3-3B3F872A776E}" = CCC Help English
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E544E75-4FC7-5224-9C37-3D2831CDB017}" = Catalyst Control Center Localization Russian
"{567D03AD-B75E-0F08-087B-13C1FF67C7D7}" = Catalyst Control Center Graphics Full New
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5F1B0D76-AFC0-6382-C507-D61E0D4CD3DC}" = Catalyst Control Center Core Implementation
"{62834027-0A20-19E2-8ADA-8AC11DA07723}" = CCC Help Russian
"{63A9FB11-2708-7EAE-4AE4-765115E4151D}" = CCC Help Turkish
"{66CB0251-AB0E-5D30-4A04-7C9F9F26B7EE}" = Catalyst Control Center Localization Turkish
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68C37F3D-2038-A60A-3DC4-60CAC421CF15}" = CCC Help Japanese
"{6A1DA78D-8895-3411-5954-3DE90EB4839A}" = CCC Help Chinese Standard
"{6E9087C5-4D61-8AE6-0972-3C7A0BAC64D7}" = Catalyst Control Center Localization Finnish
"{706A3FF0-1EA1-3FF0-69A5-DE0B22F5230A}" = CCC Help Greek
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{77E033C3-D3EB-ECAA-7815-2C7DBBDF1AF3}" = Catalyst Control Center Localization Spanish
"{78F4F3F8-6ED5-34AD-CAD2-AC6127729138}" = CCC Help Swedish
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro Trial
"{7CC7F961-1F31-39AD-8423-8E9220676B2E}" = CCC Help Polish
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{889BCCBD-8C77-8D09-9BDF-DE6210E70AF2}" = CCC Help Norwegian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF1BF2B-FA5E-1A95-60DB-F28CB2070FBC}" = Catalyst Control Center Localization Greek
"{8BEA6A31-651C-C4DC-E174-561BB14120B3}" = Catalyst Control Center Localization French
"{92F0B124-1C08-0F00-47FA-9581A74EF0FA}" = ccc-utility
"{948B21FA-48AF-AA3E-9770-02625F0108AC}" = Catalyst Control Center Localization Swedish
"{972826C4-7E9D-F0DA-1EA9-B2D223722370}" = CCC Help Czech
"{98E8285F-6B11-4ABD-15BA-2A369C3FDD86}" = Catalyst Control Center Localization Hungarian
"{9B4E6CB9-E54D-47F7-A414-E2D5740E1029}" = Nero 7 Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0794C57-D8F2-5423-CA67-384D45EB382B}" = CCC Help Danish
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A41A8666-3EC8-51B2-2927-493FBA5CE2B5}" = CCC Help French
"{A828F8F2-BD8C-6F85-7280-0D252D34AC5D}" = Catalyst Control Center Localization Thai
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.7
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B2F2C082-77FD-6C2C-2EC8-FBB852B8B51A}" = CCC Help Korean
"{BA235311-3EA5-83C7-F0E4-3FFED48A3110}" = ccc-core-preinstall
"{BFB450D8-BCCB-C608-C2D3-2F863B0A1A09}" = CCC Help Dutch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB99356B-F8B6-EE9B-806F-57E58CDB8A49}" = Catalyst Control Center Graphics Light
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2C811DF-7927-A826-DD0A-F4BD7756A09B}" = Catalyst Control Center Localization Chinese Standard
"{D30125D5-23F3-BD39-DE6B-6483E21F34C1}" = Catalyst Control Center Localization Chinese Traditional
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D6D2D227-3431-82D1-08CA-D48F7D5B12FF}" = Catalyst Control Center Localization Polish
"{D7CC2103-F5A3-E151-F2E9-C94513A47F3F}" = Catalyst Control Center Localization Dutch
"{E91E8912-769D-42F0-8408-0E329443BABC}" = LevelOne WNC-0301USB Wireless Adapter
"{ECDD7BD7-AA20-A0EC-C91A-34FDB52E171B}" = CCC Help German
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5461972-F6A5-853A-1B4B-F5AD2CB78A89}" = Catalyst Control Center Localization Japanese
"{F68A5AEF-061D-0A49-D440-C54D96496CE8}" = ccc-core-static
"{F7B37275-A11B-0B97-6F69-038E9569002E}" = Catalyst Control Center Localization Korean
"{FF04C032-D077-4E74-4BBD-B44B0C82CD2D}" = Catalyst Control Center Localization German
"{FFA07CE3-8ABF-F029-657D-422FDAE76594}" = Catalyst Control Center Localization Danish
"3FA1705966809259F916AF817C59B4F389F4572C" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"BSPlayer1" = BSPlayer
"CoreVorbis Audio Decoder" = CoreVorbis Audio Decoder (remove only)
"Czech Soccer Manager 2002 Final Editionverze 4.0 (31.3.2006)" = Czech Soccer Manager 2002 Final Edition
"Czech Soccer Manager 99verze 5.2 FINAL (7.7.1999)" = Czech Soccer Manager 99
"ffdshow" = ffdshow (remove only)
"FMS" = FMS
"Google Chrome" = Google Chrome
"hp deskjet 656c series_Driver" = hp deskjet 656c series
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Kyodai Mahjongg 2006_is1" = Kyodai Mahjongg 2006 v1.2
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mmswitch" = Morgan Stream Switcher
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"Picasa2" = Picasa 2
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TmNationsForever_is1" = TmNationsForever Update 2010-03-15
"Totalcmd" = Total Commander (Remove or Repair)
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD_is1" = XviD MPEG-4 Video Codec

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.10.2011 8:29:10 | Computer Name = PC-8F78D4E35003 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 20.10.2011 21:59:01 | Computer Name = PC-8F78D4E35003 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 13.11.2011 17:11:11 | Computer Name = PC-8F78D4E35003 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.19154, adresa chyby 0x00067a38.

Error - 25.11.2011 2:45:48 | Computer Name = PC-8F78D4E35003 | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 25.11.2011 2:45:48 | Computer Name = PC-8F78D4E35003 | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 25.11.2011 17:57:19 | Computer Name = PC-8F78D4E35003 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
SDHelper.dll, verze 1.6.2.14, adresa chyby 0x0010d7e8.

Error - 28.11.2011 15:12:10 | Computer Name = PC-8F78D4E35003 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 5.12.2011 7:50:59 | Computer Name = PC-8F78D4E35003 | Source = Application Error | ID = 1000
Description = Chybující aplikace kmj.exe, verze 2006.0.0.96, chybující modul kmj.exe,
verze 2006.0.0.96, adresa chyby 0x0001bb10.

Error - 14.12.2011 11:48:29 | Computer Name = PC-8F78D4E35003 | Source = Application Error | ID = 1000
Description = Chybující aplikace kmj.exe, verze 2006.0.0.96, chybující modul kmj.exe,
verze 2006.0.0.96, adresa chyby 0x0001bb10.

Error - 26.12.2011 7:51:24 | Computer Name = PC-8F78D4E35003 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.31.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 25.12.2011 19:12:29 | Computer Name = PC-8F78D4E35003 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 25.12.2011 19:12:29 | Computer Name = PC-8F78D4E35003 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 25.12.2011 19:12:29 | Computer Name = PC-8F78D4E35003 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 25.12.2011 19:12:29 | Computer Name = PC-8F78D4E35003 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 25.12.2011 19:12:29 | Computer Name = PC-8F78D4E35003 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 25.12.2011 19:12:29 | Computer Name = PC-8F78D4E35003 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 25.12.2011 19:12:29 | Computer Name = PC-8F78D4E35003 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 25.12.2011 19:12:29 | Computer Name = PC-8F78D4E35003 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 25.12.2011 19:12:29 | Computer Name = PC-8F78D4E35003 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 25.12.2011 19:12:30 | Computer Name = PC-8F78D4E35003 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

< End of report >

CatCathy · #10 Příspěvek od **CatCathy** » 26 pro 2011 13:28

HJT ftento radek vubec neukazuje:
O4 - HKCU\..\Run: [PCSpeedUp] "C:\Program Files\Zrychleni Pocitace\PCSpeedUp.exe"

tak ho prave nemuzu fixnout

#11 Příspěvek od **Mc_Murphy** » 26 pro 2011 15:27

CatCathy píše:HJT ftento radek vubec neukazuje:
O4 - HKCU\..\Run: [PCSpeedUp] "C:\Program Files\Zrychleni Pocitace\PCSpeedUp.exe"

tak ho prave nemuzu fixnout

Nevadí, podíváme se mu na zoubek.

Za tohle dostaneš na zadek!
========== Files/Folders - Created Within 30 Days ==========

Mc_Murphy píše:Stáři souborů změň z 30 dnů na 7 dnů!

SUPERAntiSpyware odeber ze spouštění po startu a z rezidentní ochrany a používej ho jen k občasným scanům, ano?

Přesuň z Plochy všechny veliké soubory, jako třeba Ani-svati-ani-andele-Cesky-film-2010--stendli.avi někam jinam. Na Ploše by měly být jen zástupci, případně menší soubory.
Složka C:\Documents and Settings\Uživatel\Plocha by neměla velikostí přesáhnout +/- 300 MB.

Znovu spusť OTL.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento skript (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

:Services
gupdate
gupdatem
gusvc
InCDsrv
JavaQuickStarterService
NBService
NMIndexingService

:OTL
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "IMVU Inc Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "IMVU Inc Customized Web Search"
FF - prefs.js..extensions.enabledItems: {90b49673-5506-483e-b92b-ca0265bd9ca8}:2.7.2.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&q="
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2010.08.12 17:56:59 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.02.11 15:31:02 | 000,000,000 | ---D | M] (IMVU Inc Toolbar) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
[2011.01.17 14:46:12 | 000,000,919 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\searchplugins\conduit.xml
[2011.12.10 19:34:45 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\searchplugins\icqplugin-1.xml
[2010.01.19 16:43:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\searchplugins\icqplugin-2.xml
[2010.12.28 00:24:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\searchplugins\icqplugin-3.xml
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\searchplugins\icqplugin.xml
[2010.01.19 16:38:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
O3 - HKU\S-1-5-21-515967899-1085031214-725345543-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-1085031214-725345543-1004\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-1085031214-725345543-1004\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-1085031214-725345543-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - Startup: C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění\IMVU.lnk = File not found
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[92 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[2009.02.06 13:19:56 | 000,068,520 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\callmsi.exe
[2009.02.06 13:20:52 | 000,245,680 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\ecls.exe
[2009.02.06 13:21:16 | 000,060,280 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\ecmd.exe
[2009.02.06 13:21:54 | 000,064,400 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\eeclnt.exe
[2009.02.06 13:23:12 | 002,021,400 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\egui.exe
[2009.02.06 13:27:06 | 000,020,680 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
[2009.02.06 13:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\ekrn.exe
[2009.02.06 13:29:14 | 000,657,680 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\SysInspector.exe
[2009.02.06 13:29:32 | 000,896,640 | ---- | M] (ESET) -- C:\Documents and Settings\Uživatel\Data aplikací\Thinstall\Your Uninstaller! 2008 Version 6.2\%ProgramFilesDir%\ESET\ESET NOD32 Antivirus\SysRescue.exe

:Files
C:\Program Files\Google\Google Toolbar
C:\Program Files\Google\GoogleToolbarNotifier
C:\Documents and Settings\All Users\Data aplikací\ESET
C:\Documents and Settings\Uživatel\Data aplikací\ICQ Toolbar
C:\Documents and Settings\Uživatel\Data aplikací\Malwarebytes
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\User_Feed_Synchronization-{59763835-7CA5-47A9-AF15-33398A318979}.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
""=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
""=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
""=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
""=-

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

CatCathy · #12 Příspěvek od **CatCathy** » 26 pro 2011 21:47

Jee ja tam ale mam tech 30 dni automaticky, to je divny

na zadek nechciiiii

Moznost na 32 nebo 64 nemam - nikde neni na vyber na zaskrnuti techto moznosti.

Ten film na plose je pro maminku, ona ho nikde jinde nezvladne najit, ale az se na nej podiva tak smazu

Nastaveni SUPERantiSpywaru zmeneno, aby se nespoustel pri startu.

Jdu udelat znovu OTL.

dekuju moc moc moc

CatCathy · #13 Příspěvek od **CatCathy** » 27 pro 2011 03:01

Tak ze me bude silene smutna princezna...
PC se po restartu sekal, vubec nechtel najizdet, neslo mi dodelat test OTL a z niceho nic avast nahlasil ze nasel rootkit - dala jsem ho smazat, smazani probehlo, ale po restartu avast uz nenajel, vubec nejde spustit, porad to hlasi, ze pc je nechranen a je potreba spustit avast, ale nejde to, kdyz to zkusim zakliknout, napise to, ze Server RPC neni k dispozici.

podarilo se mi projet PC SuperAntiSpywarem, ale nasel jenom cookies - smazala jsem je:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/27/2011 at 02:45 AM

Application Version : 5.0.1142

Core Rules Database Version : 8087
Trace Rules Database Version: 5899

Scan type : Complete Scan
Total Scan Time : 00:58:31

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 379
Memory threats detected : 0
Registry items scanned : 36994
Registry threats detected : 0
File items scanned : 51039
File threats detected : 8

Adware.Tracking Cookie
C:\Documents and Settings\Uživatel\Cookies\KPMDQM27.txt [ /imedia.cz ]
C:\Documents and Settings\Uživatel\Cookies\X50YBRLU.txt [ /ad.yieldmanager.com ]
C:\Documents and Settings\Uživatel\Cookies\I18MZSLK.txt [ /cp.adform.net ]
C:\Documents and Settings\Uživatel\Cookies\291EZU4S.txt [ /accounts.google.com ]
C:\Documents and Settings\Uživatel\Cookies\T2UK7BO3.txt [ /estat.com ]
C:\Documents and Settings\Uživatel\Cookies\ZAGJQ254.txt [ /adform.net ]
C:\Documents and Settings\Uživatel\Cookies\XZQ3SCTN.txt [ /lucidmedia.com ]
C:\Documents and Settings\Uživatel\Cookies\R15ZOVSY.txt [ /s007.media-clic.com ]

LOG RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2011-12-27 02:59:51
WIN_XP Service Pack 3
System drive C: has 38 GB (64%) free of 60 GB
Total RAM: 894 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:00:11, on 27.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LevelOne\Common\RaUI.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\programy\uklid pc\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-515967899-1085031214-725345543-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - S-1-5-21-515967899-1085031214-725345543-1004 Startup: IMVU.lnk = ? (User '?')
O4 - S-1-5-21-515967899-1085031214-725345543-1004 Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe (User '?')
O4 - Startup: IMVU.lnk = ?
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: LevelOne Wireless Utility.lnk = C:\Program Files\LevelOne\Common\RaUI.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F51C9AF3-F5AD-4B56-A9FE-07138A0B86C1}: NameServer = 212.80.66.7,82.100.61.254
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 5725 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{59763835-7CA5-47A9-AF15-33398A318979}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default

prefs.js - "browser.startup.homepage" - "http://www.centrum.cz"
prefs.js - "extensions.enabledItems" - "{90b49673-5506-483e-b92b-ca0265bd9ca8}:2.7.2.0, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2612669&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutRights.js
aboutRobots.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{90b49673-5506-483e-b92b-ca0265bd9ca8}

C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\ru8xbn4m.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-05-15 1057328]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-11-28 3744552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
LevelOne Wireless Utility.lnk - C:\Program Files\LevelOne\Common\RaUI.exe

C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění
IMVU.lnk - C:\Documents and Settings\Uživatel\Data aplikací\IMVUClient\IMVUQualityAgent.exe
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-06-15 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\ICQ6\ICQ.exe"="D:\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"D:\HRY\vietcong.exe"="D:\HRY\vietcong.exe:*:Disabled:vietcong"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"D:\ICQ6.5\ICQ.exe"="D:\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Kyodai Mahjongg 2006\kmj.exe"="C:\Program Files\Kyodai Mahjongg 2006\kmj.exe:*:Disabled:Kyodai Mahjongg"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=L3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.DIV3"=DivXc32.dll
"vidc.DIV4"=DivXc32f.dll
"msacm.divxa32"=DivXa32.acm
"vidc.DIVX"=DivX.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.HFYU"=huffyuv.dll
"vidc.ffds"=C:\Program Files\ffdshow\ffdshow.ax
"VIDC.YV12"=divx.dll
"msacm.lhacm"=lhacm.acm
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-12-26 03:29:10 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\SUPERAntiSpyware.com
2011-12-26 03:28:35 ----D---- C:\Program Files\SUPERAntiSpyware
2011-12-26 03:28:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-12-26 01:53:42 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Malwarebytes
2011-12-26 01:53:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-12-26 01:47:47 ----D---- C:\Program Files\trend micro
2011-12-26 01:47:46 ----D---- C:\rsit
2011-12-26 00:13:26 ----D---- C:\programy
2011-12-15 04:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-15 04:37:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-15 04:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-15 04:33:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-15 04:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-15 04:33:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-15 04:33:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$

======List of files/folders modified in the last 1 month======

2011-12-27 02:54:09 ----D---- C:\Program Files\Mozilla Firefox
2011-12-27 02:50:43 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\OpenOffice.org2
2011-12-27 01:44:26 ----D---- C:\WINDOWS\Temp
2011-12-27 01:09:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-12-27 00:10:53 ----D---- C:\WINDOWS\Prefetch
2011-12-26 12:29:00 ----D---- C:\WINDOWS
2011-12-26 12:22:01 ----D---- C:\Program Files\Google
2011-12-26 12:22:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-12-26 12:21:58 ----SHD---- C:\WINDOWS\Installer
2011-12-26 12:16:56 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-26 03:28:35 ----RD---- C:\Program Files
2011-12-26 03:16:50 ----D---- C:\WINDOWS\system32\drivers
2011-12-26 03:07:47 ----D---- C:\WINDOWS\system32
2011-12-26 02:59:21 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2011-12-26 01:42:40 ----D---- C:\Config.Msi
2011-12-26 00:13:49 ----AC---- C:\WINDOWS\wincmd.ini
2011-12-26 00:12:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-12-26 00:12:04 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2011-12-26 00:10:17 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-12-26 00:10:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-12-25 23:49:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-25 23:40:17 ----SD---- C:\WINDOWS\Tasks
2011-12-15 04:37:39 ----HD---- C:\WINDOWS\inf
2011-12-15 04:37:39 ----A---- C:\WINDOWS\imsins.BAK
2011-12-15 04:37:07 ----D---- C:\Program Files\Internet Explorer
2011-12-15 04:36:51 ----D---- C:\WINDOWS\ie8updates
2011-12-15 04:36:44 ----HD---- C:\WINDOWS\$hf_mig$
2011-12-15 04:33:51 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-06 23:30:08 ----D---- C:\WINDOWS\system32\config
2011-11-29 04:17:01 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-11-28 19:01:23 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-09-27 36560]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-07-07 717296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-05-15 37040]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-05-15 38576]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-06-15 2301440]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2007-05-14 3526464]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-05-15 118576]
S3 ap1m81hh;ap1m81hh; C:\WINDOWS\system32\drivers\ap1m81hh.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2007-05-14 445696]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-04 20747]
S4 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S4 ZDPNDIS5;ZDPNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\ZDPNDIS5.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-06-15 479232]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-05-15 1550896]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-07-20 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-07-20 189744]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-12 136176]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-12 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-12-11 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

CatCathy · #14 Příspěvek od **CatCathy** » 27 pro 2011 03:19

Tak avast stale nereaguje, snazila jsem se znovu zkusit OTL, ale kdyz dane zkopiruju, tak se neda vlozit, moznost vlozit se vubec nezobrazuje.

Snazila jsem se stahnout Malware na projeti, ale pri dokonceni instalace hlasi chybu a vubec nenajede... takze nejaka havet se prekne probudila k zivotu... achich jeje

#15 Příspěvek od **Mc_Murphy** » 27 pro 2011 06:53

Tak dobře, na zadek tentokrát nedostaneš.

Jinak v pohodě, nezoufej, nešil a nesmutni, princezno, mrkneme na to pečlivěji.

Podle logu je vidět, že oprava v OTL se vůbec neprovedla. Nevadí, vezmeme na to větší kalibr. Dělej vše pečlivě, prosím!

PROSÍM, ČTI NÁVOD DŮKLADNĚ - TATO UTILITA MÁ VELKOU SCHOPNOST MAZAT A JE NUTNÉ JI APLIKOVAT JEN NA DOPORUČENÍ, JINAK TI MŮŽE JÍT SYSTÉM DO KYTEK

Stáhni a ulož na Plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypni všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary apod.
Vypni všechny běžící aplikace - ICQ, Skype, browsery, prostě všechny programy, ať běží pouze ComboFix.
Pokud máš Win XP, spusť pod účtem Správce/Administrator.
Pokud máš Win Vista či Win 7, klikni na ComboFix pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Ihned po startu se zobrazí stránka s licenčním ujednáním - pokračuj kliknutím na [Ano].
Pokud Ti ComboFix nabídne instalaci Konzoly pro zotavení, tak souhlas.
Dále postupuj dle pokynů. Během scanu nech PC naprosto v klidu - nespouštěj žádné aplikace a neklikej do zobrazujícího se okna!
Scan by měl trvat cca 10 min, ale pokud bude PC hodne zaneseno, může se čas samozřejmě prodloužit.
Po dokončení scanu a případném restartu ComboFix zobrazí log, který případně najdeš v C:\ComboFix.txt. Jeho obsah mi sem vlož.
Detailní postup včetně obrázků najdeš zde: http://www.bleepingcomputer.com/combofi ... t-combofix

VIRY.CZ

Prosim o kontrolu pc

Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc

Re: Prosim o kontrolu pc