Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Viry neodstraněné Avastem

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Viry neodstraněné Avastem

#16 Příspěvek od Trasheek »

Po restartu Combofixem se ale opět aktivoval avast!, během vytváření logu vyhodil několikrát hlášku, že nějaké aplikace (PV.3XE a ještě něco) se snaží o změny v registru, tak jsem to odsouhlasil...snad jsem nic nezoral! Tady je tedy ještě log Combofixu.

ComboFix 12-08-07.03 - Trash 08.08.2012 11:27:05.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.548 [GMT 2:00]
Spuštěný z: c:\documents and settings\Trash\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Trash\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
FILE ::
"c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll"
"c:\windows\tasks\Ad-Aware Update (Weekly).job"
"c:\windows\tasks\avast! Emergency Update.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GUPDATE
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-08 do 2012-08-08 )))))))))))))))))))))))))))))))
.
.
2012-08-07 00:00 . 2012-08-07 11:50 -------- dc----w- c:\documents and settings\All Users\Data aplikací\CPA_VA
2012-08-06 23:45 . 2012-08-06 23:59 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Comodo
2012-08-06 23:45 . 2012-08-06 23:47 -------- d-----w- c:\program files\COMODO
2012-08-06 17:23 . 2012-07-03 16:21 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-06 17:23 . 2012-07-03 16:21 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-06 17:22 . 2012-07-03 16:21 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-06 17:22 . 2012-07-03 16:21 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-06 17:22 . 2012-07-03 16:21 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-06 17:22 . 2012-07-03 16:21 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-08-06 17:22 . 2012-07-03 16:21 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-08-06 17:22 . 2012-07-03 16:21 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-08-06 17:21 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-08-06 17:21 . 2012-07-03 16:21 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-06 17:20 . 2012-08-06 17:20 -------- dc----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2012-08-06 17:20 . 2012-08-06 17:20 -------- d-----w- c:\program files\AVAST Software
2012-08-06 14:15 . 2012-08-06 14:15 -------- dc----w- c:\documents and settings\Trash\Data aplikací\Kaspersky_Key_Finder_(KKF
2012-08-06 13:45 . 2009-09-15 02:15 162320 ----a-w- c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
2012-08-06 13:42 . 2012-08-06 17:02 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Kaspersky Lab
2012-08-06 12:46 . 2012-08-06 17:03 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Kaspersky Lab Setup Files
2012-08-05 01:14 . 2012-08-05 01:14 -------- d-----w- c:\documents and settings\Trash\Local Settings\Data aplikací\Opera
2012-08-05 01:14 . 2012-08-05 01:14 26403 ----a-w- c:\windows\system32\epfwdata.bin
2012-08-05 01:13 . 2012-08-05 01:14 -------- d-----w- c:\program files\Opera
2012-08-02 16:23 . 2012-08-02 16:23 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\IObit
2012-08-02 13:52 . 2012-08-02 13:52 -------- d-----w- c:\windows\ServicePackFiles
2012-08-02 13:44 . 2009-06-22 11:48 91776 ----a-w- c:\windows\system32\drivers\SET1A6A.tmp
2012-08-02 13:26 . 2009-02-09 10:22 473088 ----a-w- c:\windows\system32\wbem\SET18C3.tmp
2012-08-02 13:26 . 2009-02-06 16:39 227840 ----a-w- c:\windows\system32\wbem\SET18C1.tmp
2012-08-02 13:26 . 2009-02-09 10:22 453120 ----a-w- c:\windows\system32\wbem\SET18C2.tmp
2012-08-02 13:24 . 2008-04-21 21:28 216576 ----a-w- c:\program files\Windows NT\Accessories\SET1873.tmp
2012-08-02 13:11 . 2008-06-20 17:42 247296 -c--a-w- c:\windows\system32\dllcache\SET1730.tmp
2012-08-02 13:11 . 2008-06-20 10:45 360320 -c--a-w- c:\windows\system32\dllcache\SET172F.tmp
2012-08-02 13:05 . 2006-10-11 16:26 104960 -c--a-w- c:\windows\system32\dllcache\SET1635.tmp
2012-08-02 13:05 . 2006-10-11 16:26 313344 -c--a-w- c:\windows\system32\dllcache\SET1634.tmp
2012-08-02 13:05 . 2006-10-11 16:26 116224 -c--a-w- c:\windows\system32\dllcache\SET1632.tmp
2012-08-02 13:05 . 2006-10-11 16:26 153088 -c--a-w- c:\windows\system32\dllcache\SET1636.tmp
2012-08-02 13:05 . 2006-10-11 16:26 58880 -c--a-w- c:\windows\system32\dllcache\SET1630.tmp
2012-08-02 13:04 . 2012-05-24 08:48 21376 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-08-02 12:05 . 2012-08-02 12:05 -------- d-----w- c:\documents and settings\Trash\Local Settings\Data aplikací\ESET
2012-07-27 11:50 . 2012-07-27 11:50 -------- dc----w- c:\documents and settings\LocalService\Dokumenty
2012-07-26 17:05 . 2012-07-26 17:05 -------- dc----w- c:\documents and settings\Trash\Data aplikací\Telefónica Móviles
2012-07-26 17:04 . 2009-12-15 12:05 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-07-26 17:04 . 2009-12-15 12:05 113280 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2012-07-26 17:04 . 2009-12-15 12:05 102528 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-07-26 17:04 . 2009-12-15 12:05 100736 ----a-w- c:\windows\system32\drivers\ewusbdev.sys
2012-07-26 17:04 . 2012-07-26 17:04 -------- d-----w- c:\program files\O2
2012-07-24 12:01 . 2012-07-24 12:01 1409 ----a-w- c:\windows\QTFont.for
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-21 22:46 . 2012-06-21 22:46 271360 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-06-21 22:46 . 2012-06-21 22:46 18048 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2012-07-29 10:58 . 2012-06-08 12:14 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-07_19.23.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-08 09:42 . 2012-08-08 09:42 16384 c:\windows\temp\Perflib_Perfdata_3a4.dat
+ 2007-10-31 18:06 . 2012-08-08 09:45 49152 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2007-10-31 18:06 . 2012-08-07 17:30 49152 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2007-10-31 18:06 . 2012-08-08 09:45 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2007-10-31 18:06 . 2012-08-07 17:30 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2012-08-08 09:07 . 2012-08-08 09:45 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2012-08-06 23:59 . 2012-08-07 17:30 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"DrvLsnr"="c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe" [2003-05-08 69632]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-30 262144]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-18 843776]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"COMODO"="c:\program files\COMODO\COMODO GeekBuddy\CLPSLA.exe" [2011-11-23 208184]
"CPA"="c:\program files\COMODO\COMODO GeekBuddy\VALA.exe" [2011-11-23 182584]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 6749512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Soulseek-Test\\slsk.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Documents and Settings\\Trash\\Plocha\\utorrent-portable\\utorrent.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Documents and Settings\\Trash\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Opera\\pluginwrapper\\opera_plugin_wrapper.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.10.2007 21:34 436792]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [6.8.2012 19:22 721000]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6.8.2012 19:23 353688]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [11.3.2012 21:13 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [11.3.2012 21:13 31704]
R1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\drivers\tidnet.sys [15.9.2009 11:51 19200]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.8.2012 19:23 21256]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [23.11.2011 12:27 1052472]
R2 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [1.12.2007 18:54 8192]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [5.7.2012 18:41 3048136]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [29.2.2012 9:50 158856]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [26.7.2012 19:04 24448]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [26.7.2012 19:04 100736]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [3.5.2012 13:57 113120]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2.5.2010 2:34 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2.5.2010 2:35 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2.5.2010 2:35 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2.5.2010 2:36 25704]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2.5.2010 2:36 25704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 16:34 451872 -c--a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-08 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-08-06 16:21]
.
2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-06 17:23]
.
2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-06 17:23]
.
.
------- Doplňkový sken -------
.
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\
FF - user.js: extensions.installedDistroAddon.testpilot@labs.mozilla.com - true
FF - user.js: extensions.jqs@sun.com.install-event-fired - true
FF - user.js: extensions.kosa.anonymousId - 047b792e0c7c5e971952c209f392b325
FF - user.js: extensions.kosa.bgCount - 261
FF - user.js: extensions.kosa.bundles - +1$fvd
FF - user.js: extensions.kosa.config - +fvd
FF - user.js: extensions.kosa.enabled - true
FF - user.js: extensions.kosa.install - fvd
FF - user.js: extensions.kosa.prefix - fvd
FF - user.js: extensions.kosa.settingsPrefix - fvd
FF - user.js: extensions.kosa.smspHideAds - false
FF - user.js: extensions.kosa.smspMaxPerPage - 10
FF - user.js: extensions.kosa.userId - c9929576-5e09-454f-80ca-9dd101fbac71
FF - user.js: extensions.kosa.vercheck - hxxp://init.kallout.com/versioncheck.js
FF - user.js: extensions.kosa.version - 2.2.3
FF - user.js: extensions.lastAppVersion - 14.0.1
FF - user.js: extensions.lastPlatformVersion - 14.0.1
FF - user.js: extensions.pendingOperations - false
FF - user.js: extensions.register@pgport.com.data - {ef522540-89f5-46b9-b6fe-1829e2b572c6},0,9999,999.999.999,9999,|{c50ca3c4-5656-43c2-a061-13e717f73fc8},5300,5300,4.0.1,5300,fvd|fvd@kallout.com,5200,5200,4.0.1,5200,fvd|fbg@pgport.com,0,5100,0.0.0,4600,|kosa@kallout.com,5000,5000,2.0.1,5000,sm|ytvdh@pgport.com,0,4800,1.1.3,4800,|ytvdw@pgport.com,0,4700,1.1.3,4700,|btpersonas@brandthunder.com,0,4600,0.0.0.,4600,|lifetimesavings@pgport.com,0,1002,0.0.0.,1002,|afhack@pgport.com,0,1001,0.0.0.,1001,|afext@pgport.com,0,1000,0.0.0.,1000,
FF - user.js: extensions.register@pgport.com.version - 1017
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.skype_toolbar.version - 5.10.0.9560
FF - user.js: extensions.testpilot.alreadyCustomizedToolbar - true
FF - user.js: extensions.testpilot@labs.mozilla.com.install-event-fired - true
FF - user.js: extensions.ui.dictionary.hidden - true
FF - user.js: extensions.ui.lastCategory - addons://list/extension
FF - user.js: extensions.ui.locale.hidden - true
FF - user.js: extensions.update.notifyUser - false
FF - user.js: extensions.{20a82645-c095-46ed-80e3-08825760534b}.install-event-fired - true
FF - user.js: extensions.{23fcfd51-4958-4f00-80a3-ae97e717ed8b}.install-event-fired - true
FF - user.js: extensions.{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.install-event-fired - true
FF - user.js: extensions.{E2883E8F-472F-4fb0-9522-AC9BF37916A7}.install-event-fired - true
FF - user.js: extensions.{c50ca3c4-5656-43c2-a061-13e717f73fc8}.install-event-fired - true
FF - user.js: extensions.{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.install-event-fired - true
FF - user.js: extensions.{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}.install-event-fired - true
FF - user.js: font.internaluseonly.changed - true
FF - user.js: fvd.first_time_use - false
FF - user.js: gfx.blacklist.suggested-driver-version - 257.21
FF - user.js: icqtoolbar.allowSendURL - false
FF - user.js: icqtoolbar.engineVerified - true
FF - user.js: icqtoolbar.geolastmodified - 1271677352
FF - user.js: icqtoolbar.hiddenElements - itb_options
FF - user.js: icqtoolbar.history - Super.8.2011.DVDSCR.XViD-EVO%20torrent||Super.8.2011.DVDSCR.XviD.AC3-ViSiON%20torrent||Ringu%200%3A%20Basudei%20torrent||isohunt%20Ring.0.Birthday.2000.iNTERNAL.DVDRip.XviD-iLS%20torrent||Ring.0.Birthday.2000.iNTERNAL.DVDRip.XviD-iLS%20torrent||piratebay%20Smiley.Face.LIMITED.DVDRip.XviD-iMBT%20torrent||isohunt%20Smiley.Face.Festival.DVDSCR.XviD-XanaX%20torrent||Smiley.Face.Festival.DVDSCR.XviD-XanaX%20torrent||Smiley.Face.LIMITED.DVDRip.XviD-iMBT%20torrent||how.i.met.your.mother.s07e05.hdtv.xvid-lol%20torrent||menza%20jednota||abz%20slovn%C3%ADk||isifa%2Fgetty%20images||Shelter.LiMiTED.DVDRip.XviD-ALLiANCE||how.i.met.your.mother.s07e04.hdtv.xvid-lol
FF - user.js: icqtoolbar.icqgeo - 42
FF - user.js: icqtoolbar.installTime - 1270415208
FF - user.js: icqtoolbar.newtab_state - 1
FF - user.js: icqtoolbar.numberOfSearches - 0
FF - user.js: icqtoolbar.previousFFVersion - 3.6.23
FF - user.js: icqtoolbar.skip_default_search - no
FF - user.js: icqtoolbar.suggestions - false
FF - user.js: icqtoolbar.uninstStatSent - true
FF - user.js: icqtoolbar.uniqueID - 122881625112288168511228899951121
FF - user.js: icqtoolbar.usageStatstTimestamp - 1318699420
FF - user.js: icqtoolbar.xmlEnableSuggestions - false
FF - user.js: icqtoolbar.xmlLanguage - cs
FF - user.js: idle.lastDailyNotification - 1343689907
FF - user.js: intl.charsetmenu.browser.cache - ISO-8859-1, windows-1250, windows-1251, ISO-8859-2, UTF-8
FF - user.js: network.cookie.prefsMigrated - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: oldKeyword - hxxp://www.crawler.com/search/dispatcher.aspx? ... 60327&qkw=
FF - user.js: places.database.lastMaintenance - 1343689912
FF - user.js: places.history.expiration.transient_current_max_pages - 26830
FF - user.js: places.last_vacuum - 1331515232
FF - user.js: plugin.expose_full_path - true
FF - user.js: pref.advanced.javascript.disable_button.advanced - false
FF - user.js: pref.browser.homepage.disable_button.current_page - false
FF - user.js: pref.browser.homepage.disable_button.restore_default - false
FF - user.js: pref.privacy.disable_button.view_cookies - false
FF - user.js: print.print_bgcolor - false
FF - user.js: print.print_bgimages - false
FF - user.js: print.print_command -
FF - user.js: print.print_downloadfonts - true
FF - user.js: print.print_evenpages - true
FF - user.js: print.print_in_color - true
FF - user.js: print.print_margin_bottom - 0.5
FF - user.js: print.print_margin_left - 0.5
FF - user.js: print.print_margin_right - 0.5
FF - user.js: print.print_margin_top - 0.5
FF - user.js: print.print_oddpages - true
FF - user.js: print.print_orientation - 0
FF - user.js: print.print_pagedelay - 500
FF - user.js: print.print_paper_data - 0
FF - user.js: print.print_paper_height - 11,00
FF - user.js: print.print_paper_size - 7209061
FF - user.js: print.print_paper_size_type - 1
FF - user.js: print.print_paper_size_unit - 0
FF - user.js: print.print_paper_width - 8,50
FF - user.js: print.print_printer - Adobe PDF
FF - user.js: print.print_reversed - false
FF - user.js: print.print_scaling - 1,00
FF - user.js: print.print_shrink_to_fit - true
FF - user.js: print.print_to_file - false
FF - user.js: print.print_to_filename -
FF - user.js: print.print_unwriteable_margin_bottom - 0
FF - user.js: print.print_unwriteable_margin_left - 0
FF - user.js: print.print_unwriteable_margin_right - 0
FF - user.js: print.print_unwriteable_margin_top - 0
FF - user.js: print.printer_Adobe_PDF.print_bgcolor - false
FF - user.js: print.printer_Adobe_PDF.print_bgimages - false
FF - user.js: print.printer_Adobe_PDF.print_command -
FF - user.js: print.printer_Adobe_PDF.print_downloadfonts - true
FF - user.js: print.printer_Adobe_PDF.print_edge_bottom - 0
FF - user.js: print.printer_Adobe_PDF.print_edge_left - 0
FF - user.js: print.printer_Adobe_PDF.print_edge_right - 0
FF - user.js: print.printer_Adobe_PDF.print_edge_top - 0
FF - user.js: print.printer_Adobe_PDF.print_evenpages - true
FF - user.js: print.printer_Adobe_PDF.print_footercenter -
FF - user.js: print.printer_Adobe_PDF.print_footerleft - &PT
FF - user.js: print.printer_Adobe_PDF.print_footerright - &D
FF - user.js: print.printer_Adobe_PDF.print_headercenter -
FF - user.js: print.printer_Adobe_PDF.print_headerleft - &T
FF - user.js: print.printer_Adobe_PDF.print_headerright - &U
FF - user.js: print.printer_Adobe_PDF.print_in_color - true
FF - user.js: print.printer_Adobe_PDF.print_margin_bottom - 0.5
FF - user.js: print.printer_Adobe_PDF.print_margin_left - 0.5
FF - user.js: print.printer_Adobe_PDF.print_margin_right - 0.5
FF - user.js: print.printer_Adobe_PDF.print_margin_top - 0.5
FF - user.js: print.printer_Adobe_PDF.print_oddpages - true
FF - user.js: print.printer_Adobe_PDF.print_orientation - 0
FF - user.js: print.printer_Adobe_PDF.print_pagedelay - 500
FF - user.js: print.printer_Adobe_PDF.print_paper_data - 0
FF - user.js: print.printer_Adobe_PDF.print_paper_height - 11,00
FF - user.js: print.printer_Adobe_PDF.print_paper_size_type - 0
FF - user.js: print.printer_Adobe_PDF.print_paper_size_unit - 1
FF - user.js: print.printer_Adobe_PDF.print_paper_width - 8,50
FF - user.js: print.printer_Adobe_PDF.print_reversed - false
FF - user.js: print.printer_Adobe_PDF.print_scaling - 1,00
FF - user.js: print.printer_Adobe_PDF.print_shrink_to_fit - true
FF - user.js: print.printer_Adobe_PDF.print_to_file - false
FF - user.js: print.printer_Adobe_PDF.print_to_filename -
FF - user.js: print.printer_Adobe_PDF.print_unwriteable_margin_bottom - 0
FF - user.js: print.printer_Adobe_PDF.print_unwriteable_margin_left - 0
FF - user.js: print.printer_Adobe_PDF.print_unwriteable_margin_right - 0
FF - user.js: print.printer_Adobe_PDF.print_unwriteable_margin_top - 0
FF - user.js: privacy.sanitize.migrateFx3Prefs - true
FF - user.js: privacy.sanitize.timeSpan - 3
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: storage.vacuum.last.index - 1
FF - user.js: storage.vacuum.last.places.sqlite - 1343506873
FF - user.js: toolkit.startup.last_success - 1343924707
FF - user.js: toolkit.telemetry.prompted - 2
FF - user.js: toolkit.telemetry.rejected - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1345980394
FF - user.js: urlclassifier.tableversion.goog-black-enchash - 1.53228
FF - user.js: urlclassifier.tableversion.goog-black-url - 1.22331
FF - user.js: urlclassifier.tableversion.goog-white-domain - 1.480
FF - user.js: urlclassifier.tableversion.goog-white-url - 1.371
FF - user.js: useragentswitcher.import.overwrite - false
FF - user.js: useragentswitcher.menu.hide - false
FF - user.js: useragentswitcher.version - 0.73
FF - user.js: xpinstall.whitelist.add -
FF - user.js: xpinstall.whitelist.add.103 -
FF - user.js: xpinstall.whitelist.add.36 -
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: browser.blink_allowed - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-08 11:43
Windows 5.1.2600 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(1048)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
- - - - - - - > 'explorer.exe'(3948)
c:\windows\system32\guard32.dll
c:\windows\system32\MSCTF.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\MPR.dll
.
- - - - - - - > 'csrss.exe'(964)
c:\windows\system32\cmdcsr.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\program files\COMODO\COMODO GeekBuddy\CLPS.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Celkový čas: 2012-08-08 11:53:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-08 09:53
ComboFix2.txt 2012-08-07 19:27
ComboFix3.txt 2009-12-19 19:16
ComboFix4.txt 2009-04-21 20:39
.
Před spuštěním: 2 579 877 888
Po spuštění: 2 561 179 648
.
- - End Of File - - 9BCFA5E62D160819B26C4AFE2D1EE6E7
Nahoru
Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Viry neodstraněné Avastem

#17 Příspěvek od Trasheek »

Teď jsem se díval na info z firewallu, kde mi Comodo hlásí: Defense+ zablokoval 16 pokusů o průnik. Ty konkrétní pokusy přikládám na screenshotu. Firewall jsem ale při práci s RogueKillerem i ComboFixem měl vždy deaktivován, stejně jako avast. Tak si nejsem jistý, jestli to i nezabránilo nějaké opravě nebo smazání čehosi nežádoucího...
Přílohy
comodo_screen.jpg
comodo_screen.jpg (324.84 KiB) Zobrazeno 2508 x
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Viry neodstraněné Avastem

#18 Příspěvek od vyosek »

:arrow: CF neudelal co mel :?:

:arrow: Z Comoda mate spusteny jen FW nebo i dalsi stity :???:

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Viry neodstraněné Avastem

#19 Příspěvek od Trasheek »

V Comodu mám aktivní jen firewall, internet a proactive security ne, zabezpečení sandboxu neaktivní (prd se v tom vyznám, omlouvám se...Comodo jsem instaloval teprve asi předevčírem, jen jsem to odklikal, tak je tam asi nějaké základní nastavení). Asi se to spustilo společně s antivirem při restartu počítače Combofixem při vytváření logu, předtím tam žádná upozorňovací okna nevyskakovala a počítač hlásil, že je ohrožen - firewall i antivir neaktivní. Tady je teď report OTL:
Nahoru
Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Viry neodstraněné Avastem

#20 Příspěvek od Trasheek »

OTL logfile created on: 8.8.2012 19:55:23 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Trash\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 355,91 Mb Available Physical Memory | 34,77% Memory free
2,40 Gb Paging File | 1,84 Gb Available in Paging File | 76,37% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 2,05 Gb Free Space | 3,67% Space Free | Partition Type: NTFS

Computer Name: KALKULACKA | User Name: Trash | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.08.08 19:36:25 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Trash\Plocha\OTL.exe
PRC - [2012.07.29 12:58:10 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.07.05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012.07.05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.03.11 21:13:22 | 001,983,232 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.03.11 21:13:02 | 006,749,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011.11.23 12:27:04 | 001,052,472 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.11 03:06:00 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2006.09.18 14:12:12 | 000,843,776 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2003.05.08 12:34:32 | 000,069,632 | ---- | M] (adi) -- C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
PRC - [2003.05.05 09:57:30 | 000,143,360 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
PRC - [2002.09.20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2012.08.08 19:21:35 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2012.08.08 09:22:43 | 001,793,024 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12080800\algo.dll
MOD - [2012.07.29 12:58:08 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008.01.25 17:10:16 | 000,098,304 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\EScript.CZE
MOD - [2007.07.11 05:12:46 | 003,010,560 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\RdLang32.CZE
MOD - [2007.07.11 04:57:22 | 000,049,152 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\WebLink.CZE
MOD - [2007.07.11 04:54:50 | 000,036,864 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Spelling.CZE
MOD - [2007.07.11 04:54:16 | 000,032,768 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\SendMail.CZE
MOD - [2007.07.11 04:53:22 | 000,053,248 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Search.CZE
MOD - [2007.07.11 04:51:16 | 000,019,968 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\SaveAsRTF.CZE
MOD - [2007.07.11 04:50:22 | 000,012,800 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\ReadOutLoud.CZE
MOD - [2007.07.11 04:48:56 | 000,933,888 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\PPKLite.CZE
MOD - [2007.07.11 04:47:02 | 000,155,648 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Multimedia.CZE
MOD - [2007.07.11 04:46:24 | 000,073,728 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\makeaccessible.CZE
MOD - [2007.07.11 04:43:08 | 000,006,144 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\EWH32.CZE
MOD - [2007.07.11 04:39:58 | 000,204,800 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\DigSig.CZE
MOD - [2007.07.11 04:38:58 | 000,184,320 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Checkers.CZE
MOD - [2007.07.11 04:37:24 | 001,196,032 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Annots.CZE
MOD - [2007.07.11 04:35:06 | 000,782,336 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Acroform.CZE
MOD - [2007.07.11 04:34:14 | 000,077,824 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\accessibility.CZE
MOD - [2007.05.22 11:59:22 | 000,128,512 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007.01.13 12:01:28 | 000,475,136 | R--- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\ccme_base.dll
MOD - [2007.01.13 12:01:28 | 000,397,312 | R--- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\cryptocme2.dll
MOD - [2006.12.14 10:32:46 | 000,005,120 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\updater.CZE
MOD - [2006.12.14 10:25:58 | 000,011,776 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Search5.CZE
MOD - [2006.12.14 10:22:00 | 000,008,192 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\reflow.CZE
MOD - [2006.12.14 10:09:48 | 000,010,752 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\pddom.CZE
MOD - [2006.12.14 09:56:08 | 000,013,312 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\HLS.CZE
MOD - [2006.12.14 09:49:06 | 000,028,672 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\eBook.CZE
MOD - [2006.10.22 13:22:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll
MOD - [2006.09.18 14:12:12 | 000,843,776 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.07.29 12:58:09 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.07.05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.03.11 21:13:22 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012.02.29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.11.23 12:27:04 | 001,052,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS)
SRV - [2010.03.29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2009.12.12 18:50:55 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.04.27 15:32:16 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2002.09.20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (dbustrcm)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ab63xy9o)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.06.22 00:46:12 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2012.06.22 00:46:11 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2012.03.11 21:13:48 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2012.03.11 21:13:46 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012.03.11 21:13:46 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010.09.24 21:25:12 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.04.13 18:45:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
DRV - [2010.04.13 18:45:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
DRV - [2010.04.13 18:45:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
DRV - [2010.04.13 18:45:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
DRV - [2010.04.13 18:45:36 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV - [2009.12.15 14:05:42 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,024,448 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.09.15 11:51:04 | 000,019,200 | ---- | M] (Telefónica I+D) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tidnet.sys -- (tidnet)
DRV - [2007.12.02 19:31:13 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2007.09.14 15:15:32 | 000,008,192 | ---- | M] (REALiX(tm)) [Kernel | Auto | Running] -- C:\Program Files\HWiNFO32\HWiNFO32.SYS -- (HWiNFO32)
DRV - [2007.04.03 19:25:08 | 010,246,144 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2006.05.10 16:00:16 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006.04.07 15:19:32 | 000,067,584 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2001.08.17 21:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://supertoolbar.ask.com/redirect?cl ... underscore}
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60327
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT3072253
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Trash\Data aplikací\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.06 19:21:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.29 12:58:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.08 19:22:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b12\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 12\components [2011.03.04 13:13:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b12\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 12\plugins [2012.01.25 05:25:53 | 000,000,000 | ---D | M]

[2008.06.18 12:25:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Extensions
[2012.08.04 15:12:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\extensions
[2012.08.07 13:50:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-1.xml
[2011.11.10 09:42:45 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-10.xml
[2009.09.13 14:48:35 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-11.xml
[2009.12.17 20:21:13 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-12.xml
[2010.01.07 18:57:03 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-13.xml
[2010.02.19 02:03:48 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-14.xml
[2010.04.04 23:06:46 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-15.xml
[2010.06.24 07:19:15 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-16.xml
[2010.07.22 08:58:47 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-17.xml
[2010.09.09 09:59:17 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-18.xml
[2009.09.11 00:32:24 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-2.xml
[2009.02.05 12:19:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-3.xml
[2009.03.28 13:42:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-4.xml
[2009.04.23 02:59:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-5.xml
[2009.04.29 12:54:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-6.xml
[2009.06.13 13:49:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-7.xml
[2009.06.13 18:45:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-8.xml
[2009.07.23 00:27:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-9.xml
[2010.02.03 14:37:50 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin.xml
[2009.01.12 15:08:04 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\sfd.xml
[2012.08.06 15:45:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.08.05 08:30:06 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.08.06 15:45:50 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\TRASH\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\SM04586P.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\TRASH\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\SM04586P.DEFAULT\EXTENSIONS\{E968FC70-8F95-4AB9-9E79-304DE2A71EE1}.XPI
[2012.08.06 19:21:54 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.07.29 12:58:10 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.08 14:14:05 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.08 14:14:05 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.25 11:35:29 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.06.08 14:14:05 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.08 14:14:05 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.08 14:14:05 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.08.08 11:43:29 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - No CLSID value found.
O4 - HKLM..\Run: [Adobe_ID0EZEHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe (COMODO)
O4 - HKLM..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe (adi)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe (SONIX)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 8576897218 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0699AC14-AA6A-4EAF-8AA2-40891279FEB1}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.31 20:03:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: MIDI1 - C:\WINDOWS\System32\Syncor11.dll (SoundMAX)
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Kristal Studio)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.08.08 19:37:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Trash\Local Settings\Data aplikací\Sun
[2012.08.08 19:36:21 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Trash\Plocha\OTL.exe
[2012.08.08 19:24:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.08.08 19:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.08.08 19:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Trash\Data aplikací\Oracle
[2012.08.08 19:22:33 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.08.08 19:22:33 | 000,687,544 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012.08.08 19:22:33 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.08.08 19:22:33 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.08.08 19:22:03 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.08.08 19:22:03 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.08.08 19:21:37 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.08.08 19:21:08 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.08.08 17:41:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Trash\Plocha\Rady našich Babiček
[2012.08.08 11:39:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.08.07 22:04:18 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Trash\Plocha\tdsskiller.exe
[2012.08.07 22:02:56 | 000,147,456 | ---- | C] (Eric_71) -- C:\Documents and Settings\Trash\Plocha\MbrScan.exe
[2012.08.07 21:10:58 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.08.07 21:04:46 | 004,728,030 | R--- | C] (Swearware) -- C:\Documents and Settings\Trash\Plocha\ComboFix.exe
[2012.08.07 19:12:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Trash\Plocha\RK_Quarantine
[2012.08.07 02:00:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CPA_VA
[2012.08.07 01:58:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\COMODO
[2012.08.07 01:45:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Comodo
[2012.08.07 01:45:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\COMODO
[2012.08.07 01:45:32 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012.08.06 19:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2012.08.06 19:23:02 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.08.06 19:23:01 | 000,353,688 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.08.06 19:22:55 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.08.06 19:22:54 | 000,721,000 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.08.06 19:22:54 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.08.06 19:22:53 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.08.06 19:22:53 | 000,089,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.08.06 19:22:52 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.08.06 19:21:36 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.08.06 19:21:34 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.08.06 19:20:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.08.06 19:20:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.08.06 16:15:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Trash\Data aplikací\Kaspersky_Key_Finder_(KKF
[2012.08.06 15:42:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
[2012.08.06 14:46:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files
[2012.08.05 03:14:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Trash\Local Settings\Data aplikací\Opera
[2012.08.05 03:14:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Trash\Data aplikací\Opera
[2012.08.05 03:13:59 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012.08.02 15:52:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012.08.02 15:14:54 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012.08.02 15:04:37 | 000,021,376 | ---- | C] (IObit) -- C:\WINDOWS\System32\RegistryDefragBootTime.exe
[2012.08.02 14:05:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Trash\Local Settings\Data aplikací\ESET
[2012.08.01 22:02:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Trash\Plocha\amateur bare
[2010.06.15 16:57:09 | 004,284,535 | ---- | C] (ffdshow ) -- C:\Documents and Settings\Trash\Data aplikací\ffdshow.exe
[2010.06.15 16:57:01 | 000,642,685 | ---- | C] (Xvid team ) -- C:\Documents and Settings\Trash\Data aplikací\xvid.exe
[2010.06.15 16:56:33 | 002,169,915 | ---- | C] (LIGHTNING UK!) -- C:\Documents and Settings\Trash\Data aplikací\Imgburn.exe
[2010.06.15 16:55:39 | 004,182,178 | ---- | C] (The Public) -- C:\Documents and Settings\Trash\Data aplikací\Avisynth.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
Nahoru
Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Viry neodstraněné Avastem

#21 Příspěvek od Trasheek »

========== Files - Modified Within 7 Days ==========

[2012.08.08 20:00:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.08 19:48:22 | 000,328,210 | ---- | M] () -- C:\Documents and Settings\Trash\Plocha\cvik1.jpg
[2012.08.08 19:48:06 | 000,359,319 | ---- | M] () -- C:\Documents and Settings\Trash\Plocha\cvik2.jpg
[2012.08.08 19:47:46 | 000,369,726 | ---- | M] () -- C:\Documents and Settings\Trash\Plocha\cvik3.jpg
[2012.08.08 19:46:06 | 000,273,566 | ---- | M] () -- C:\Documents and Settings\Trash\Plocha\cvik4.jpg
[2012.08.08 19:36:25 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Trash\Plocha\OTL.exe
[2012.08.08 19:33:07 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.08 19:33:05 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.08 19:32:04 | 000,000,314 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.08.08 19:30:16 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.08.08 19:28:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.08 19:26:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.08 19:26:37 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.08 19:21:37 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.08.08 19:21:25 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.08.08 19:21:24 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.08.08 11:58:51 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.08.08 11:43:29 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.08.07 22:04:19 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Trash\Plocha\tdsskiller.exe
[2012.08.07 22:02:58 | 000,147,456 | ---- | M] (Eric_71) -- C:\Documents and Settings\Trash\Plocha\MbrScan.exe
[2012.08.07 21:11:10 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.08.07 21:05:00 | 004,728,030 | R--- | M] (Swearware) -- C:\Documents and Settings\Trash\Plocha\ComboFix.exe
[2012.08.07 02:58:06 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Trash\Plocha\RSIT.exe
[2012.08.07 01:48:33 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\COMODO Firewall.lnk
[2012.08.07 01:45:48 | 000,000,905 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\COMODO GeekBuddy.lnk
[2012.08.06 19:52:38 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\crt.dat
[2012.08.06 19:23:04 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2012.08.06 19:22:53 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.08.06 19:13:03 | 089,340,632 | ---- | M] () -- C:\Documents and Settings\Trash\Plocha\avast_free_antivirus_setup.exe
[2012.08.06 00:59:45 | 000,128,000 | ---- | M] () -- C:\Documents and Settings\Trash\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.05 03:17:40 | 000,019,015 | ---- | M] () -- C:\Documents and Settings\Trash\Plocha\[isoHunt] The Hunger (2012) 720p BluRay x264.torrent
[2012.08.05 03:15:55 | 000,001,446 | ---- | M] () -- C:\Documents and Settings\Trash\Dokumenty\default.htm
[2012.08.05 03:14:55 | 000,026,403 | ---- | M] () -- C:\WINDOWS\System32\epfwdata.bin
[2012.08.05 03:14:29 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2012.08.04 20:37:00 | 000,115,224 | ---- | M] () -- C:\img2-001.raw
[2012.08.03 19:00:23 | 841,297,044 | ---- | M] () -- C:\Documents and Settings\Trash\Plocha\La-mascara-del-demonio-(1989)-Dvdrip.avi
[2012.08.03 18:37:22 | 000,043,258 | ---- | M] () -- C:\Documents and Settings\Trash\Plocha\La-mascara-del-demonio-(1989)-Dvdrip.srt
[2012.08.03 17:13:20 | 000,013,521 | ---- | M] () -- C:\Documents and Settings\Trash\Dokumenty\nájmy.ods
[2012.08.02 18:59:27 | 000,087,174 | ---- | M] () -- C:\Documents and Settings\Trash\Dokumenty\System Information Report.html
[2012.08.02 18:28:05 | 000,452,816 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.08.02 18:28:05 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.08.02 18:28:05 | 000,087,236 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.08.02 18:28:05 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.08.08 20:00:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.08.08 19:48:52 | 000,273,566 | ---- | C] () -- C:\Documents and Settings\Trash\Plocha\cvik4.jpg
[2012.08.08 19:48:45 | 000,328,210 | ---- | C] () -- C:\Documents and Settings\Trash\Plocha\cvik1.jpg
[2012.08.08 19:48:43 | 000,359,319 | ---- | C] () -- C:\Documents and Settings\Trash\Plocha\cvik2.jpg
[2012.08.08 19:48:42 | 000,369,726 | ---- | C] () -- C:\Documents and Settings\Trash\Plocha\cvik3.jpg
[2012.08.07 21:11:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.08.07 21:11:01 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2012.08.07 02:58:05 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Trash\Plocha\RSIT.exe
[2012.08.07 01:48:33 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\COMODO Firewall.lnk
[2012.08.07 01:45:48 | 000,000,905 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\COMODO GeekBuddy.lnk
[2012.08.06 19:23:42 | 000,000,938 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.06 19:23:41 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.06 19:23:04 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2012.08.06 19:22:54 | 000,000,314 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.08.06 19:12:32 | 089,340,632 | ---- | C] () -- C:\Documents and Settings\Trash\Plocha\avast_free_antivirus_setup.exe
[2012.08.06 15:37:49 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2012.08.05 03:17:40 | 000,019,015 | ---- | C] () -- C:\Documents and Settings\Trash\Plocha\[isoHunt] The Hunger (2012) 720p BluRay x264.torrent
[2012.08.05 03:15:55 | 000,001,446 | ---- | C] () -- C:\Documents and Settings\Trash\Dokumenty\default.htm
[2012.08.05 03:14:29 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
[2012.08.05 03:14:27 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2012.08.05 03:14:11 | 000,026,403 | ---- | C] () -- C:\WINDOWS\System32\epfwdata.bin
[2012.08.03 18:37:08 | 000,043,258 | ---- | C] () -- C:\Documents and Settings\Trash\Plocha\La-mascara-del-demonio-(1989)-Dvdrip.srt
[2012.08.03 18:12:59 | 841,297,044 | ---- | C] () -- C:\Documents and Settings\Trash\Plocha\La-mascara-del-demonio-(1989)-Dvdrip.avi
[2012.08.02 18:59:27 | 000,087,174 | ---- | C] () -- C:\Documents and Settings\Trash\Dokumenty\System Information Report.html
[2012.06.24 19:23:59 | 000,204,824 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.06.24 15:06:44 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\Trash\.recently-used.xbel
[2012.06.22 00:46:11 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2012.06.22 00:46:11 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2012.03.05 17:22:22 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\crt.dat
[2012.03.05 17:22:18 | 000,295,061 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll
[2012.02.24 01:54:07 | 000,000,764 | ---- | C] () -- C:\Documents and Settings\Trash\0.ddi
[2012.02.24 01:53:39 | 000,005,528 | ---- | C] () -- C:\Documents and Settings\Trash\169761.avi.ddr
[2011.07.19 12:09:17 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.07.19 12:09:17 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.07.18 21:41:03 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ReminderNextRun
[2011.03.30 02:44:14 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011.03.30 02:44:14 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\Trash\Local Settings\Data aplikací\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2010.08.27 15:12:30 | 007,437,824 | ---- | C] () -- C:\WINDOWS\System32\smfcore.dll
[2010.08.26 14:45:24 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010.08.26 14:45:24 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010.08.26 14:45:24 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010.08.26 14:45:24 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010.05.17 00:47:30 | 000,000,059 | ---- | C] () -- C:\Documents and Settings\Trash\Data aplikací\AVSMediaPlayer.m3u
[2008.12.14 21:15:03 | 000,000,624 | ---- | C] () -- C:\Documents and Settings\Trash\Data aplikací\mdbu.bin
[2008.04.23 13:34:33 | 008,712,643 | ---- | C] () -- C:\Program Files\Last.fm.zip
[2007.12.12 00:25:32 | 000,000,053 | ---- | C] () -- C:\Documents and Settings\Trash\Data aplikací\AVSDVDPlayer.m3u
[2007.12.11 21:55:42 | 000,002,925 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.11.06 16:11:31 | 000,128,000 | ---- | C] () -- C:\Documents and Settings\Trash\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2008.01.19 17:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AnyCapture
[2012.08.06 19:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.08.07 13:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CPA_VA
[2012.06.24 21:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EA Core
[2012.06.24 21:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2011.09.17 23:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.04.04 23:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.08.02 14:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2007.11.06 11:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Last.fm
[2009.04.18 16:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2008.03.07 14:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MAGIX
[2007.10.31 21:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MailFrontier
[2009.02.22 19:50:50 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Data aplikací\Memeo
[2012.02.23 17:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.05.02 02:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\xml_param
[2010.12.28 15:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Audacity
[2011.06.21 15:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\avidemux
[2010.06.04 18:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\BSplayer
[2009.05.18 21:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\BSplayer Pro
[2007.12.15 15:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Codemasters
[2008.04.08 10:37:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\DAEMON Tools
[2011.03.17 11:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\DMCache
[2011.03.30 02:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\DonationCoder
[2011.09.17 23:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\ESET
[2010.06.14 12:19:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Facebook
[2008.01.03 17:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\FeedReaderCZ
[2010.06.15 17:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\FLV Extract
[2010.12.03 20:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\GameRanger
[2011.09.23 18:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\gtk-2.0
[2012.08.05 17:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\ICQ
[2007.11.06 11:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\ICQLite
[2012.08.06 22:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\IObit
[2008.08.03 21:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Jpeg Resampler
[2012.08.06 16:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Kaspersky_Key_Finder_(KKF
[2009.11.15 18:56:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Miranda
[2011.03.29 11:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\OpenCandy
[2010.10.05 11:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\OpenOffice.org
[2012.08.05 03:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Opera
[2012.08.08 19:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Oracle
[2009.11.14 01:11:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\QIP
[2007.12.10 20:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Renoise
[2008.01.13 05:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\SoundSpectrum
[2009.11.07 14:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Stellarium
[2012.07.26 19:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Telefónica Móviles
[2010.10.21 23:50:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\uTorrent
[2010.02.07 20:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\vghd
[2009.11.18 23:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Windows Desktop Search
[2009.11.19 02:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Windows Search
[2009.01.03 21:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Zoner
[2012.08.08 19:32:04 | 000,000,314 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\cmdcons\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\SoftwareDistribution\Download\35df3b7362f9361af2fa0d1e6d23d778\sp2gdr\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\SoftwareDistribution\Download\35df3b7362f9361af2fa0d1e6d23d778\sp2qfe\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\SoftwareDistribution\Download\35df3b7362f9361af2fa0d1e6d23d778\sp3gdr\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\35df3b7362f9361af2fa0d1e6d23d778\sp3qfe\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\AppPatch\*.tmp files -> C:\WINDOWS\AppPatch\*.tmp -> ]
[2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[10 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]
[1 C:\WINDOWS\system32\Setup\*.tmp files -> C:\WINDOWS\system32\Setup\*.tmp -> ]
[3 C:\WINDOWS\system32\wbem\*.tmp files -> C:\WINDOWS\system32\wbem\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.07.18 23:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Adobe
[2007.12.20 04:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Apple Computer
[2010.12.28 15:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Audacity
[2011.06.21 15:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\avidemux
[2010.06.04 18:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\BSplayer
[2009.05.18 21:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\BSplayer Pro
[2007.12.15 15:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Codemasters
[2010.08.09 23:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\CyberLink
[2008.04.08 10:37:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\DAEMON Tools
[2012.01.28 17:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\DivX
[2011.03.17 11:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\DMCache
[2011.03.30 02:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\DonationCoder
[2011.02.28 01:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\dvdcss
[2011.09.17 23:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\ESET
[2010.06.14 12:19:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Facebook
[2008.01.03 17:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\FeedReaderCZ
[2010.06.15 17:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\FLV Extract
[2010.12.03 20:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\GameRanger
[2009.07.11 15:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Google
[2011.09.23 18:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\gtk-2.0
[2008.03.04 10:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Hamachi
[2008.03.23 04:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Help
[2012.08.05 17:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\ICQ
[2007.11.06 11:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\ICQLite
[2007.10.31 20:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Identities
[2010.08.08 10:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\InstallShield
[2012.08.06 22:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\IObit
[2008.08.03 21:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Jpeg Resampler
[2012.08.06 16:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Kaspersky_Key_Finder_(KKF
[2009.02.22 19:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Lavasoft
[2007.10.31 21:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Macromedia
[2009.02.18 20:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Malwarebytes
[2012.08.06 22:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Media Player Classic
[2010.08.18 17:23:50 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Trash\Data aplikací\Microsoft
[2009.11.15 18:56:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Miranda
[2008.06.18 12:25:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Mozilla
[2011.03.29 11:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\OpenCandy
[2010.10.05 11:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\OpenOffice.org
[2010.08.18 17:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\OpenOffice.org2
[2012.08.05 03:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Opera
[2012.08.08 19:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Oracle
[2009.11.14 01:11:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\QIP
[2009.09.06 19:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Real
[2007.12.10 20:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Renoise
[2012.08.08 12:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Skype
[2011.10.09 13:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\skypePM
[2008.01.13 05:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\SoundSpectrum
[2009.11.07 14:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Stellarium
[2008.02.01 01:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Sun
[2007.10.31 21:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Talkback
[2012.07.26 19:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Telefónica Móviles
[2012.06.22 00:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\U3
[2010.10.21 23:50:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\uTorrent
[2010.02.07 20:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\vghd
[2007.11.06 12:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\vlc
[2012.08.06 22:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Winamp
[2009.11.18 23:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Windows Desktop Search
[2009.11.19 02:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Windows Search
[2007.11.07 10:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\WinRAR
[2009.01.03 21:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2010.06.15 16:56:23 | 004,182,178 | ---- | M] (The Public) -- C:\Documents and Settings\Trash\Data aplikací\Avisynth.exe
[2010.06.15 16:57:44 | 004,284,535 | ---- | M] (ffdshow ) -- C:\Documents and Settings\Trash\Data aplikací\ffdshow.exe
[2010.06.15 16:56:53 | 002,169,915 | ---- | M] (LIGHTNING UK!) -- C:\Documents and Settings\Trash\Data aplikací\Imgburn.exe
[2010.06.15 16:57:07 | 000,642,685 | ---- | M] (Xvid team ) -- C:\Documents and Settings\Trash\Data aplikací\xvid.exe
[2007.08.18 09:54:02 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2007.08.18 09:53:50 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\BSplayer\AC3 Filter\dialog_patch.exe
[2008.04.13 17:26:54 | 000,036,396 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\BSplayer\AC3 Filter\uninstall.exe
[2008.04.01 11:51:06 | 000,691,717 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\BSplayer\FFDShow\unins000.exe
[2008.03.29 17:42:00 | 000,103,424 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2008.03.29 17:42:02 | 000,335,872 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2008.03.29 17:41:54 | 000,135,168 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2008.06.10 09:11:02 | 000,041,412 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2010.06.14 12:19:58 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\Trash\Data aplikací\Facebook\uninstall.exe
[2010.12.10 22:56:50 | 001,248,992 | ---- | M] (GameRanger Technologies) -- C:\Documents and Settings\Trash\Data aplikací\GameRanger\GameRanger\GameRanger.exe
[2008.04.28 15:43:48 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe
[2008.04.28 15:43:48 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe
[2008.04.28 15:43:48 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Trash\Data aplikací\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe
[2011.03.29 11:42:41 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\OpenCandy\A018F0D2302049ADB7CCCB9D2839FC4F\LatestDLMgr.exe
[2011.03.17 11:03:42 | 000,415,816 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\OpenCandy\D3E52C1ACD004C8EA2CE8CC1A29219EE\LatestDLMgr.exe
[2011.03.17 11:11:21 | 000,415,816 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\OpenCandy\OpenCandy_2F881BB2A35B408F84EBE10D06AB366F\LatestDLMgr.exe
[2011.02.09 21:04:30 | 000,059,688 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\OpenCandy\OpenCandy_A018F0D2302049ADB7CCCB9D2839FC4F\RevStarter.exe
[2010.06.27 01:21:36 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Trash\Data aplikací\Real\Update\setup3.10\setup.exe
[2010.09.14 22:13:11 | 000,452,104 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Trash\Data aplikací\Real\Update\setup3.12\setup.exe
[2010.12.09 20:04:26 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Trash\Data aplikací\Real\Update\setup3.13\setup.exe
[2011.01.31 14:27:15 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Trash\Data aplikací\Real\Update\setup3.14\setup.exe
[2012.06.04 03:15:50 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Trash\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\9.10\rnupgagent.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\U3\temp\cleanup.exe
[2007.10.23 09:22:56 | 003,350,528 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Trash\Data aplikací\U3\temp\Launchpad Removal.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.08.08 19:32:04 | 000,000,314 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.08.08 19:33:07 | 000,000,934 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.08 19:33:05 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.09.24 21:25:12 | 000,436,792 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2007.10.31 21:52:25 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2007.10.31 21:52:25 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2007.10.31 21:52:25 | 000,462,848 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2012.08.06 19:22:53 | 000,002,552 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2012.08.06 19:52:38 | 000,000,016 | ---- | M] () -- C:\WINDOWS\system32\crt.dat
[2012.08.08 19:21:37 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
[2012.08.08 19:21:24 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\java.exe
[2012.08.08 19:21:25 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\javaw.exe
[2012.08.08 19:30:16 | 000,088,566 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2012.08.08 19:28:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 15:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.07.29 12:58:10 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=3F677172F23FC17283D9BCE4B42E3F65 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2007.08.13 19:43:56 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=DE49B348A18369B4626FBA1D49B07FB4 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.08.05 03:14:03 | 000,874,896 | ---- | M] (Opera Software) MD5=F594C0FB9F48829ADE080D07716739F1 -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.08 20:00:33 | 000,000,512 | ---- | M] () MD5=7B88DDB674ECB385D45A1B5E0F0EC57C -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.07.16 01:42:05 | 003,454,059 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 01 - spice crackers.mp3
[2012.07.17 01:37:26 | 006,135,685 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 02 - x-ray.mp3
[2010.07.16 01:31:09 | 003,622,452 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 03 - kraft.mp3
[2010.07.16 01:32:51 | 002,566,687 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 04 - electronic music.mp3
[2010.07.16 01:36:11 | 005,777,449 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 05 - bad news.mp3
[2010.07.16 01:38:43 | 005,042,259 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 06 - days run wild.mp3
[2010.07.16 01:42:05 | 005,890,298 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 07 - a place in china (heaven's not).mp3
[2010.07.16 01:42:52 | 001,538,507 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 08 - zwischenspiel 2.mp3
[2010.07.16 01:44:58 | 004,176,248 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 09 - funky service (what do you want to drink).mp3
[2010.07.16 01:48:54 | 007,298,403 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 10 - back to heaven.mp3
[2010.07.16 01:51:42 | 005,218,220 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 11 - je suis le dieu.mp3
[2010.07.16 01:56:32 | 009,206,804 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 12 - ronda's trigger.mp3
[2010.07.16 01:57:20 | 001,384,698 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 13 - travelling without moving.mp3
[2010.07.18 02:38:43 | 008,253,022 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\spice crackers\camouflage - spice crackers [1995] - 14 - spacetrain.mp3
[2012.05.14 03:42:13 | 006,782,645 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\v.a. - death # disco compilation - volume i (2011)\12 - nina belief - cracken attack.mp3
[2011.07.01 15:55:40 | 009,863,544 | ---- | M] () -- \Documents and Settings\Trash\Dokumenty\Hudba\va - we'll never stop living this way - a ghostly primer (gi132) [compilation] (2010)\27 - mux mool - crackers.mp3
[2011.09.17 22:03:45 | 000,006,356 | ---- | M] () -- \Documents and Settings\Trash\Plocha\utorrent-portable\NOD32+Patch+Crack.torrent
[2009.08.14 01:13:44 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat

< *keygen* /s >

< *loader* /s >
[2012.02.29 09:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.02.29 09:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2007.10.31 20:44:22 | 000,001,479 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\SoundMAX\DLS Loader.lnk
[2012.08.08 12:00:21 | 000,010,519 | ---- | M] () -- \Documents and Settings\Trash\Local Settings\Temporary Internet Files\Content.IE5\HYZM6420\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012.08.08 12:00:19 | 000,000,652 | ---- | M] () -- \Documents and Settings\Trash\Local Settings\Temporary Internet Files\Content.IE5\SE5IK702\AdLoader[1].htm
[2007.03.14 20:21:36 | 004,937,904 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007.03.14 18:07:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007.03.14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007.03.14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007.03.14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007.03.14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007.03.14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007.03.14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007.03.14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007.03.14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007.03.14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007.03.14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007.03.14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007.03.14 18:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007.03.14 18:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007.03.14 18:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007.03.14 18:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007.04.10 12:24:26 | 000,002,745 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\Scripts\Export As Xhtml\Startup Scripts\XHTMLExportMenuItemLoader.jsx
[2007.04.10 12:24:24 | 000,002,078 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\Scripts\XHTML For Digital Editions\Startup Scripts\OEBExportMenuItemLoader.jsx
[2003.06.26 19:10:12 | 000,106,496 | ---- | M] () -- \Program Files\Analog Devices\SoundMAX\DLSLoader.exe
[2002.08.30 16:09:00 | 000,000,595 | ---- | M] () -- \Program Files\Analog Devices\SoundMAX\DLSLoader.exe.manifest
[2007.02.19 18:59:40 | 000,011,309 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\WorkflowScriptLoader.jsx
[2007.02.19 18:59:40 | 000,001,240 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_da_DK.dat
[2007.02.19 18:59:40 | 000,001,268 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_de_DE.dat
[2007.02.19 18:59:40 | 000,001,172 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_en_US.dat
[2007.02.19 18:59:40 | 000,001,342 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_es_ES.dat
[2007.02.19 18:59:40 | 000,001,310 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_fr_FR.dat
[2007.02.19 18:59:40 | 000,001,282 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_it_IT.dat
[2007.02.19 18:59:40 | 000,001,016 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_ja_JP.dat
[2007.02.19 18:59:40 | 000,000,966 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_ko_KR.dat
[2007.02.19 18:59:40 | 000,001,198 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_nl_NL.dat
[2007.02.19 18:59:40 | 000,001,174 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_sv_SE.dat
[2007.02.19 18:59:40 | 000,000,882 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_zh_CN.dat
[2007.02.19 18:59:40 | 000,000,890 | ---- | M] () -- \Program Files\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_zh_TW.dat
[2007.03.14 18:10:18 | 000,088,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:20 | 000,025,188 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:26 | 000,032,022 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:28 | 000,032,216 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:30 | 000,027,655 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:36 | 000,030,891 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\en_US\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:38 | 000,032,399 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:42 | 000,032,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:42 | 000,032,393 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:46 | 000,022,871 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:48 | 000,025,272 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:50 | 000,032,109 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:50 | 000,032,441 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:52 | 000,032,499 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:54 | 000,032,074 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:56 | 000,032,110 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:10:58 | 000,024,996 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:11:00 | 000,031,772 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:11:02 | 000,024,463 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:11:04 | 000,025,054 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:11:06 | 000,032,171 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:11:06 | 000,024,411 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:11:08 | 000,025,525 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:11:10 | 000,032,741 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 18:11:10 | 000,032,833 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007.03.08 17:35:32 | 000,004,239 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2009.07.31 13:40:40 | 000,003,614 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.08.08 22:51:40 | 000,016,536 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.08.08 22:51:42 | 000,019,096 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.08.08 22:51:44 | 000,027,288 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.08.08 22:51:46 | 000,012,440 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.08.08 22:51:48 | 000,017,048 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.08.08 22:51:54 | 000,019,608 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.08.08 22:51:56 | 000,014,488 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.08.08 22:52:02 | 000,019,096 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.08.08 22:52:04 | 000,016,024 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.08.08 22:52:06 | 000,011,928 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.08.08 22:52:08 | 000,017,048 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.08.08 22:52:10 | 000,016,536 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.08.08 22:52:14 | 000,011,416 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.08.08 22:52:18 | 000,013,976 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.08.08 22:52:20 | 000,028,312 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 21:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2007.11.13 18:56:14 | 000,014,336 | ---- | M] () -- \Program Files\Google\Google Earth\apiloader.dll
[2010.04.04 23:03:19 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.04.04 23:03:19 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.04.04 23:03:19 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.04.04 23:03:19 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\MUICoreLib\xtraLoader.swf
[2010.07.18 00:33:09 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011.03.14 12:30:16 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\icq_profile\preloader.html
[2011.02.16 13:58:42 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\profile_forms\preloader.html
[2011.02.16 13:58:44 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010.10.03 00:59:03 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2010.10.03 01:28:40 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\warsheep\preloader02.swf
[2010.10.03 01:12:47 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\zoopaloola\preloader02.swf
[2010.04.04 23:05:44 | 000,552,798 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\theme\game_center\loaderBkg.png
[2012.08.02 13:12:05 | 000,605,568 | ---- | M] () -- \Program Files\IObit\Advanced SystemCare 3\free-software-downloader.exe
[2010.02.17 05:44:10 | 000,006,308 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2010.10.05 12:25:59 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.02.17 12:37:14 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2010.10.05 12:27:48 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.02.18 02:06:56 | 000,003,872 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010.02.07 20:49:50 | 000,152,936 | ---- | M] () -- \Program Files\vghd\VirtuaGirl_Downloader.exe
[2006.12.23 18:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\osloader.ntd
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2007.03.26 11:45:18 | 000,071,208 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[10 \WINDOWS\system32\dllcache\*.tmp files -> \WINDOWS\system32\dllcache\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:1AAB2E68
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:CB0AACC9

< End of report >
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Viry neodstraněné Avastem

#22 Příspěvek od vyosek »

:arrow: Reknu to takto, pokud neumite s FW pracovat (nastavit atd), tak jej radeji odinstalujte :?:

:arrow: Jinak priste nechci v PC ty nelegalni bezp. SW videt (cracky na ESET i Kaspersky) - toto tu netolerujem

:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (dbustrcm)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ab63xy9o)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://supertoolbar.ask.com/redirect?cl ... src=crm&q={searchTerms}&locale={locale.underscore}
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... p=aus&qkw={searchTerms}&tbid=60327
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
[2012.08.07 13:50:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-1.xml
[2011.11.10 09:42:45 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-10.xml
[2009.09.13 14:48:35 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-11.xml
[2009.12.17 20:21:13 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-12.xml
[2010.01.07 18:57:03 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-13.xml
[2010.02.19 02:03:48 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-14.xml
[2010.04.04 23:06:46 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-15.xml
[2010.06.24 07:19:15 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-16.xml
[2010.07.22 08:58:47 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-17.xml
[2010.09.09 09:59:17 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-18.xml
[2009.09.11 00:32:24 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-2.xml
[2009.02.05 12:19:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-3.xml
[2009.03.28 13:42:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-4.xml
[2009.04.23 02:59:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-5.xml
[2009.04.29 12:54:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-6.xml
[2009.06.13 13:49:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-7.xml
[2009.06.13 18:45:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-8.xml
[2009.07.23 00:27:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-9.xml
[2010.02.03 14:37:50 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin.xml
[2009.01.12 15:08:04 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\sfd.xml
[2012.08.06 15:45:50 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\TRASH\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\SM04586P.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\TRASH\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\SM04586P.DEFAULT\EXTENSIONS\{E968FC70-8F95-4AB9-9E79-304DE2A71EE1}.XPI
O3 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
[2012.08.06 16:15:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Trash\Data aplikací\Kaspersky_Key_Finder_(KKF
[2012.08.06 15:42:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
[2012.08.06 14:46:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files
[2012.08.02 15:04:37 | 000,021,376 | ---- | C] (IObit) -- C:\WINDOWS\System32\RegistryDefragBootTime.exe
[2012.08.02 14:05:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Trash\Local Settings\Data aplikací\ESET
[2007.11.06 16:11:31 | 000,128,000 | ---- | C] () -- C:\Documents and Settings\Trash\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.17 23:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2012.08.02 14:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2011.09.17 23:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\ESET
[2012.08.06 22:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\IObit
[2012.08.06 16:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Trash\Data aplikací\Kaspersky_Key_Finder_(KKF
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\AppPatch\*.tmp files -> C:\WINDOWS\AppPatch\*.tmp -> ]
[2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[10 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]
[1 C:\WINDOWS\system32\Setup\*.tmp files -> C:\WINDOWS\system32\Setup\*.tmp -> ]
[3 C:\WINDOWS\system32\wbem\*.tmp files -> C:\WINDOWS\system32\wbem\*.tmp -> ]
[2012.08.08 19:32:04 | 000,000,314 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.08.08 19:33:07 | 000,000,934 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.08 19:33:05 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:1AAB2E68
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:CB0AACC9

:services
gupdate
gupdatem

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=-
"Adobe Reader Speed Launcher"=-

:files
c:\Documents and Settings\Trash\Plocha\utorrent-portable\NOD32+Patch+Crack.torrent
%windir%\system32\*.tmp.dll /s
%windir%\system32\dllcache\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Viry neodstraněné Avastem

#23 Příspěvek od Trasheek »

Omlouvám se...já se polepším :oops:

All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service dbustrcm stopped successfully!
Service dbustrcm deleted successfully!
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys not found.
Error: No service named ab63xy9o was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ab63xy9o deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Prev Search Bar| /E : value set successfully!
HKU\S-1-5-21-1960408961-1592454029-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Mozilla\Firefox\Profiles\sm04586p.default\searchplugins\sfd.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\skin folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\locale\en folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_USERS\S-1-5-21-1960408961-1592454029-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{ED4BD629-C1B6-4399-8A34-02CCAA921DC9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED4BD629-C1B6-4399-8A34-02CCAA921DC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
C:\Documents and Settings\Trash\Data aplikací\Kaspersky_Key_Finder_(KKF\Kaspersky-Key-Finder-V1.5_Url_x105qibf1kkfozvipp5udrdwq005lsvy\1.5.2.0 folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Kaspersky_Key_Finder_(KKF\Kaspersky-Key-Finder-V1.5_Url_x105qibf1kkfozvipp5udrdwq005lsvy folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\Kaspersky_Key_Finder_(KKF folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab\AVP9\temp folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab\AVP9 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2010 9.0.0.706\English folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2010 9.0.0.706 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files folder moved successfully.
C:\WINDOWS\system32\RegistryDefragBootTime.exe moved successfully.
C:\Documents and Settings\Trash\Local Settings\Data aplikací\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\Trash\Local Settings\Data aplikací\ESET folder moved successfully.
C:\Documents and Settings\Trash\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Advanced SystemCare folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\ESET folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\SmartRAM folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\InternetBooster folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V5\Startup Manager folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V5\Smart RAM folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V5\SecurityHoles folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V5\Internet Booster folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V5\Driver Manager\DriverBackup folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V5\Driver Manager folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V5\DiskCheck folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare V4 folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare\Backup folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit\Advanced SystemCare folder moved successfully.
C:\Documents and Settings\Trash\Data aplikací\IObit folder moved successfully.
Folder C:\Documents and Settings\Trash\Data aplikací\Kaspersky_Key_Finder_(KKF\ not found.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\AppPatch\SET1ECA.tmp deleted successfully.
C:\WINDOWS\AppPatch\SET1ECE.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1CA2.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1CA2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP210E.tmp\ServiceModelReg.exe deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP210E.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI64.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6F.tmp deleted successfully.
C:\WINDOWS\system32\dllcache\SET1630.tmp deleted successfully.
C:\WINDOWS\system32\dllcache\SET1631.tmp deleted successfully.
C:\WINDOWS\system32\dllcache\SET1632.tmp deleted successfully.
C:\WINDOWS\system32\dllcache\SET1634.tmp deleted successfully.
C:\WINDOWS\system32\dllcache\SET1635.tmp deleted successfully.
C:\WINDOWS\system32\dllcache\SET1636.tmp deleted successfully.
C:\WINDOWS\system32\dllcache\SET172E.tmp deleted successfully.
C:\WINDOWS\system32\dllcache\SET172F.tmp deleted successfully.
C:\WINDOWS\system32\dllcache\SET1730.tmp deleted successfully.
C:\WINDOWS\system32\dllcache\SET1731.tmp deleted successfully.
C:\WINDOWS\system32\drivers\SET1A6A.tmp deleted successfully.
C:\WINDOWS\system32\Setup\SET1A6C.tmp deleted successfully.
C:\WINDOWS\system32\wbem\SET18C1.tmp deleted successfully.
C:\WINDOWS\system32\wbem\SET18C2.tmp deleted successfully.
C:\WINDOWS\system32\wbem\SET18C3.tmp deleted successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:1AAB2E68 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:CB0AACC9 deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ICQ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\TkBellExe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher not found.
========== FILES ==========
c:\Documents and Settings\Trash\Plocha\utorrent-portable\NOD32+Patch+Crack.torrent moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\dllcache\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 65536 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Trash
->Temp folder emptied: 28234119 bytes
->Temporary Internet Files folder emptied: 6113402 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 166303905 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 19490 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1646 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 205281 bytes
RecycleBin emptied: 64426297 bytes

Total Files Cleaned = 253,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Trash
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Trash
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.56.0 log created on 08082012_223609

Files\Folders moved on Reboot...
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\hsperfdata_LOCAL SERVICE\3224 scheduled to be moved on reboot.
C:\Documents and Settings\Trash\Local Settings\Temporary Internet Files\Content.IE5\8YEEOH61\P77599VZVI5[1].jpg moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...
[2012.07.27 13:50:10 | 000,065,536 | ---- | M] () C:\Documents and Settings\LocalService\Local Settings\Temp\hsperfdata_LOCAL SERVICE\3224 : Unable to obtain MD5
File C:\Documents and Settings\Trash\Local Settings\Temporary Internet Files\Content.IE5\8YEEOH61\P77599VZVI5[1].jpg not found!
[2012.08.08 22:40:37 | 000,000,000 | ---- | M] () C:\WINDOWS\temp\_avast_\Webshlock.txt : Unable to obtain MD5

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Viry neodstraněné Avastem

#24 Příspěvek od vyosek »

:arrow: Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.
  • Utilitu spustte a prikazte ji, at skenuje - klik na Scan
  • Kliknutim na Save log ulozte log aswMBR na plochu
  • Obsah logu aswMBR mi sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Viry neodstraněné Avastem

#25 Příspěvek od Trasheek »

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-08 23:19:24
-----------------------------
23:19:24.500 OS Version: Windows 5.1.2600 Service Pack 2
23:19:24.500 Number of processors: 2 586 0x303
23:19:24.500 ComputerName: KALKULACKA UserName: Trash
23:19:43.171 Initialize success
23:19:46.093 AVAST engine defs: 12080801
23:19:56.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
23:19:56.203 Disk 0 Vendor: WDC_WD600JB-00CRA1 17.07W17 Size: 57241MB BusType: 3
23:19:56.234 Disk 0 MBR read successfully
23:19:56.234 Disk 0 MBR scan
23:19:56.437 Disk 0 Windows XP default MBR code
23:19:56.437 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 57231 MB offset 63
23:19:56.437 Disk 0 scanning sectors +117210240
23:19:56.515 Disk 0 scanning C:\WINDOWS\system32\drivers
23:20:16.015 Service scanning
23:20:31.609 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
23:20:35.359 Modules scanning
23:20:59.125 Disk 0 trace - called modules:
23:20:59.125
23:20:59.390 AVAST engine scan C:\WINDOWS
23:21:07.515 AVAST engine scan C:\WINDOWS\system32
23:24:30.812 AVAST engine scan C:\WINDOWS\system32\drivers
23:24:46.906 AVAST engine scan C:\Documents and Settings\Trash
23:41:06.203 AVAST engine scan C:\Documents and Settings\All Users
23:43:28.500 Scan finished successfully
23:46:30.968 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Trash\Plocha\MBR.dat"
23:46:31.015 The log file has been saved successfully to "C:\Documents and Settings\Trash\Plocha\aswMBR.txt"
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Viry neodstraněné Avastem

#26 Příspěvek od vyosek »

Jak se chova nas pacient :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Viry neodstraněné Avastem

#27 Příspěvek od Trasheek »

No chová se podstatně lépe než předtím, řekl bych - téměř bezchybně! Akorát při spouštění Firefoxu (předchozí relace) jsem musel několikrát reloadovat stránky, protože mi to hlásilo přerušení spojení. Když jsem pak chtěl zkusit Opravení sítě -připojení k místní síti, píše mi to tuhle hlášku, která teda nevím, jestli něco ještě vypovídá, nebo to je už jiná nevím jaká kapitola :?:
Přílohy
scr.jpg
scr.jpg (54.89 KiB) Zobrazeno 2490 x
Nahoru
Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Viry neodstraněné Avastem

#28 Příspěvek od Trasheek »

Abych to ještě upřesnil: panel, který byl zrovna otevřený, se načítal (a nekolikrát bylo přerušeno spojení), ostatní panely byly jakoby neaktivní, až když jsem jej otevřel, začalo se to připojovat, do té doby byla plocha stránky bílá a místo ikony servru byl na panelu jen prázdný rámeček...
Nahoru
Trasheek
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 21 úno 2009 20:32

Re: Viry neodstraněné Avastem

#29 Příspěvek od Trasheek »

Teď jsem to zkusil shodit znovu a už to naběhlo hned a všechno, takže asi v pořádku :|
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Viry neodstraněné Avastem

#30 Příspěvek od vyosek »

Tak jeste uklidime :James008:

:arrow: Odinstalujte Combofix
  • Prejmenujte ComboFix na Uninstall
  • Spustte jej
  • Tohle smaze Combofix a jeho slozky
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“