XP internet security- hází varovné hlášky- prosím o kontrolu

Zpráva

Ecinazuz · #1 Příspěvek od **Ecinazuz** » 24 dub 2010 13:38

Zdravím a prosím o kontrolu. Předchvílí se mi zbláznil PC a hází mi to hlášky- varovná okna od XP internet security
virus intrusion!
virus infection!
system hijack!
stealth intrusion!
privacy threath!
privacy alert!
tracking software founds
mám vypnuto: bránu firewal a ochranu proti virům, zapnuty jen aktualizace
/mám to zapnout?/...předtím jsem to neměla....

Projela jsem to Esetem- a nic to nenašlo
Eset smart security/ ale zdá se, že je na něm asi chyba, neaktualizoval se-/

posílám log
Logfile of random's system information tool 1.06 (written by random/random)
Run by Admin at 2010-04-24 14:34:07
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 144 GB (91%) free of 159 GB
Total RAM: 2047 MB (20% free)

======Scheduled tasks folder======

C:\WINDOWS\tasks\Úklid 1 kliknutím.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-05-11 8429568]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-05-11 81920]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2007-07-23 77824]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-01-26 65536]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2007-05-11 2512392]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"syncman"=c:\windows\system32\wuaucldt.exe [2010-04-24 29440]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-03-09 26100520]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"syncman"=c:\windows\system32\config\system [2010-04-24 4456448]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe

C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění
GIGABYTE VGA Utility.lnk - C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe
monxga32.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dc3998e9-bd89-11de-8952-001d7d9061e7}]
shell\AutoRun\command - F:\EmDesk.exe
shell\EmDesk\command - F:\EmDesk.exe

======File associations======

.exe - open - "C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\ave.exe" /START "%1" %*

======List of files/folders created in the last 1 months======

2010-04-24 13:28:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\avG
2010-04-24 13:25:45 ----A---- C:\WINDOWS\system32\wuaucldt.exe
2010-04-14 22:28:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 22:27:58 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 22:27:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-04-14 22:26:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 22:26:27 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 01:08:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 01:08:08 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-03-28 03:10:51 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2010-04-24 14:33:55 ----D---- C:\WINDOWS\temp
2010-04-24 14:26:09 ----D---- C:\WINDOWS
2010-04-24 13:43:40 ----D---- C:\Documents and Settings\Admin\Data aplikací\Skype
2010-04-24 13:40:50 ----D---- C:\WINDOWS\Prefetch
2010-04-24 13:28:38 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-24 13:26:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-24 13:25:48 ----D---- C:\WINDOWS\system32
2010-04-24 08:02:46 ----D---- C:\Documents and Settings\Admin\Data aplikací\skypePM
2010-04-24 05:53:35 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-21 22:52:35 ----D---- C:\WINDOWS\Minidump
2010-04-20 19:50:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2010-04-20 19:46:51 ----D---- C:\Program Files\Mozilla Firefox
2010-04-17 14:24:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-16 21:55:06 ----D---- C:\WINDOWS\Debug
2010-04-14 22:28:11 ----HD---- C:\WINDOWS\inf
2010-04-14 22:28:05 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-14 22:28:01 ----D---- C:\WINDOWS\system32\drivers
2010-04-14 08:35:56 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-14 01:06:12 ----D---- C:\Program Files\CCleaner
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-03-31 22:38:49 ----D---- C:\Program Files\Internet Explorer
2010-03-30 19:30:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
2010-03-28 03:19:37 ----SHD---- C:\WINDOWS\Installer
2010-03-28 03:18:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-28 03:10:51 ----D---- C:\Program Files\Common Files
2010-03-26 22:39:52 ----D---- C:\Documents and Settings\Admin\Data aplikací\VSO

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2003-10-24 90416]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-05-11 6738432]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
S3 catchme;catchme; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\catchme.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2006-11-08 274520]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2006-11-08 118870]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2003-05-23 106496]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-05-11 163908]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2007-05-11 1050120]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2006-11-08 262247]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-10-28 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-09-10 654848]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-10-28 360192]

-----------------EOF-----------------

Ecinazuz · #2 Příspěvek od **Ecinazuz** » 24 dub 2010 14:06

OK- dobře...ještě dotaz...kde najdu info jak velký mám systém?

Ecinazuz · #3 Příspěvek od **Ecinazuz** » 24 dub 2010 14:24

promiň....tvoje infornmace byla: pokud mas 64b Operacni system zkontroluj, zda je oznacen ctverecek "Pro 64bitove OS"
...jak to zjistím jak velký je OS- já to nevím.....

navíc mi právě zkolaboval prohlíčeč firefox /ten mám jako výchozí/
a kliknu-li na ikonu na ploše- spíše s prgramy /word, cccleaner, tuneup..../- objeví se hláška aplikace nenalezena, nebo dotaz -otevřít v programu- divné
přepla jsem se do IE ...abych mohla komunikovat dále

Ecinazuz · #4 Příspěvek od **Ecinazuz** » 24 dub 2010 14:55

no- tak nevím- programy jsem stáhla, ale ani jeden nespustím- vždy se mi otevře okno-otevřít v programu.....
a to nevím v jakém....

Ecinazuz · #5 Příspěvek od **Ecinazuz** » 24 dub 2010 15:17

ok- tak stahuju - a pokraovat mám stejně jako u combofixu?

tak jsem to spustila...naběhlo modré okno s informacemi a během chvilky spadl a restartoval se pC- /vím jak běží combofix- tak mě to překvapilo/....ale nemám log- hledám ho zatím

Ecinazuz · #6 Příspěvek od **Ecinazuz** » 24 dub 2010 15:35

ježíš já jsem dneska taky Ko...nemám ten log...nemůžu ho najít...ale naskočily zpět programy- už jdou otevřít- např. ten word....mám zkusit to OTL?

Ecinazuz · #7 Příspěvek od **Ecinazuz** » 24 dub 2010 16:08

tak posílám log z OTL....musela jsem si ho přetáhnout na flash disk- nechtělo mě zase pro změnu připojit k netu.../takže píšu z noťasu/...ach jo

OTL logfile created on: 24.4.2010 16:53:14 - Run 2
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Documents and Settings\Admin\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 155,24 Gb Total Space | 140,99 Gb Free Space | 90,82% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 77,64 Gb Total Space | 37,64 Gb Free Space | 48,48% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-D958691FD9
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.24 16:22:33 | 000,224,768 | -HS- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\ave.exe
PRC - [2010.04.24 16:07:20 | 000,224,768 | -HS- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ave.exe
PRC - [2010.04.24 15:46:15 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
PRC - [2010.04.24 13:25:45 | 000,029,440 | ---- | M] () -- C:\WINDOWS\system32\wuaucldt.exe
PRC - [2009.10.28 21:33:14 | 000,603,904 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.03.17 18:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008.01.22 10:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2007.12.21 08:21:16 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2007.12.21 08:21:06 | 001,443,072 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2007.05.11 02:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe
PRC - [2007.05.11 02:08:54 | 002,512,392 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodtray.exe
PRC - [2007.03.30 13:05:32 | 001,024,512 | ---- | M] () -- C:\Program Files\GIGABYTE\VGA Utility Manager\Utility.exe
PRC - [2007.03.06 19:20:00 | 000,536,576 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2006.11.08 12:36:40 | 000,118,870 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
PRC - [2006.11.08 12:36:38 | 000,274,520 | ---- | M] () -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
PRC - [2003.05.23 06:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2003.03.14 04:38:12 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe

========== Modules (SafeList) ==========

MOD - [2010.04.24 15:46:15 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009.10.28 21:33:14 | 000,603,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009.10.28 21:33:13 | 000,360,192 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.09.10 12:35:45 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.12.11 14:31:36 | 000,027,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008.01.22 10:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007.12.21 08:22:44 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2007.12.21 08:21:16 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2007.05.11 02:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2006.11.08 12:36:40 | 000,118,870 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2006.11.08 12:36:38 | 000,274,520 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2003.05.23 06:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)

========== Driver Services (SafeList) ==========

DRV - [2010.04.24 16:42:25 | 000,098,240 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2009.09.09 12:28:18 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.04.14 14:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.12.21 08:21:54 | 000,053,768 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2007.12.21 08:21:52 | 000,030,728 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2007.12.21 08:21:46 | 000,071,176 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2007.12.21 08:20:14 | 000,030,216 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2007.12.21 08:19:54 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2007.07.18 13:26:04 | 004,547,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.05.11 00:03:00 | 006,738,432 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006.11.27 16:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.11.27 16:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.10.18 16:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006.06.18 23:59:28 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.10.15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2003.10.24 06:53:14 | 000,090,416 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [1997.12.23 03:02:46 | 000,023,936 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aspi32.sys -- (Aspi32)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-583907252-162531612-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-583907252-162531612-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-583907252-162531612-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.14 01:01:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.14 01:01:37 | 000,000,000 | ---D | M]

[2009.09.10 19:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Extensions
[2009.09.10 19:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\extensions
[2009.12.18 07:51:15 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\searchplugins\icq-search.xml
[2010.02.19 23:05:21 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\searchplugins\icqplugin-1.xml
[2010.03.11 22:01:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\searchplugins\icqplugin-2.xml
[2010.03.23 10:04:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\searchplugins\icqplugin-3.xml
[2010.04.14 01:01:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\searchplugins\icqplugin-4.xml
[2008.03.31 09:52:00 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\searchplugins\icqplugin.gif
[2008.03.31 09:52:00 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\searchplugins\icqplugin.src
[2010.01.08 19:55:19 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\65rphqj6.default\searchplugins\icqplugin.xml
[2010.04.21 19:59:38 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.09.10 19:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.11 22:01:11 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.11 22:01:11 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.11 22:01:11 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.11 22:01:11 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.11 22:01:11 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.01.14 23:26:08 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKU\S-1-5-21-583907252-162531612-682003330-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [Regedit32] C:\WINDOWS\System32\regedit.exe File not found
O4 - HKLM..\Run: [syncman] C:\WINDOWS\system32\wuaucldt.exe ()
O4 - HKU\S-1-5-21-583907252-162531612-682003330-1004..\Run: [syncman] c:\documents and settings\admin\wuaucldt.exe File not found
O4 - Startup: C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\GIGABYTE VGA Utility.lnk = C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe (Macrovision Corporation)
O4 - Startup: C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\monxga32.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-162531612-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-583907252-162531612-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-583907252-162531612-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-583907252-162531612-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.09.09 11:59:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{dc3998e9-bd89-11de-8952-001d7d9061e7}\Shell\AutoRun\command - "" = F:\EmDesk.exe -- File not found
O33 - MountPoints2\{dc3998e9-bd89-11de-8952-001d7d9061e7}\Shell\EmDesk\command - "" = F:\EmDesk.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = secfile] -- "C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ave.exe" /START "%1" %* ()
O37 - HKU\.DEFAULT\...exe [@ = secfile] -- "C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ave.exe" /START "%1" %* ()
O37 - HKU\S-1-5-18\...exe [@ = secfile] -- "C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ave.exe" /START "%1" %* ()
O37 - HKU\S-1-5-21-583907252-162531612-682003330-1004\...exe [@ = secfile] -- "C:\Documents and Settings\Admin\Local Settings\Data aplikací\ave.exe" /START "%1" %* ()

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.09.09 13:42:16 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.at3 - C:\WINDOWS\System32\atrac3.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.hfyu - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.vp60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)

========== Files/Folders - Created Within 7 Days ==========

[2010.04.24 16:26:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\avG
[2010.04.24 16:20:25 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.04.24 16:20:22 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.04.24 16:20:20 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.04.24 16:20:20 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.04.24 16:19:50 | 000,000,000 | --SD | C] -- C:\abraka
[2010.04.24 16:19:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.04.24 16:03:52 | 000,910,296 | ---- | C] (Mozilla Corporation) -- C:\Documents and Settings\Admin\Plocha\firefox.exe
[2010.04.24 15:45:55 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2010.04.24 13:35:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Recent
[2010.04.24 13:28:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\avG
[2010.04.24 13:28:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\avG
[2010.04.19 18:34:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Plocha\plány MŠ

========== Files - Modified Within 7 Days ==========

[2010.04.24 16:49:11 | 000,013,118 | -HS- | M] () -- C:\Documents and Settings\All Users\Data aplikací\3413392581
[2010.04.24 16:49:11 | 000,013,118 | -HS- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\1891633005
[2010.04.24 16:43:13 | 000,013,166 | -HS- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\3413392581
[2010.04.24 16:42:25 | 000,098,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\cdrom.sys
[2010.04.24 16:42:25 | 000,098,240 | ---- | M] () -- C:\WINDOWS\System32\dllcache\cdrom.sys
[2010.04.24 16:32:39 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Microsoft Office Word 2003.lnk
[2010.04.24 16:23:03 | 000,000,001 | ---- | M] () -- C:\Documents and Settings\Admin\oashdihasidhasuidhiasdhiashdiuasdhasd
[2010.04.24 16:22:40 | 000,013,170 | -HS- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\I6vNTV7g2h23
[2010.04.24 16:22:40 | 000,013,170 | -HS- | M] () -- C:\Documents and Settings\All Users\Data aplikací\1891633005
[2010.04.24 16:22:33 | 000,224,768 | -HS- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\ave.exe
[2010.04.24 16:22:17 | 000,013,170 | -HS- | M] () -- C:\Documents and Settings\All Users\Data aplikací\I6vNTV7g2h23
[2010.04.24 16:22:10 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Úklid 1 kliknutím.job
[2010.04.24 16:21:56 | 000,002,545 | ---- | M] () -- C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\GIGABYTE VGA Utility.lnk
[2010.04.24 16:21:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.24 16:21:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.24 16:21:48 | 000,606,449 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010.04.24 16:17:49 | 003,923,062 | R--- | M] () -- C:\Documents and Settings\Admin\Plocha\abraka.com
[2010.04.24 16:07:10 | 000,002,517 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Microsoft Office Excel 2003.lnk
[2010.04.24 16:03:45 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Documents and Settings\Admin\Plocha\firefox.exe
[2010.04.24 16:02:20 | 004,980,736 | ---- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2010.04.24 15:52:56 | 003,923,062 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\ComboFix.exe
[2010.04.24 15:46:15 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2010.04.24 15:15:44 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.04.24 14:47:19 | 000,224,768 | -HS- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\MSASCui.exe
[2010.04.24 14:47:19 | 000,224,768 | -HS- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\av.exe
[2010.04.24 14:34:00 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\RSIT.exe
[2010.04.24 13:35:27 | 000,000,416 | ---- | M] () -- C:\Documents and Settings\Admin\Dokumenty\cc_20100424_133515.reg
[2010.04.24 13:25:45 | 000,029,440 | ---- | M] () -- C:\WINDOWS\System32\wuaucldt.exe
[2010.04.24 13:25:42 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\avdrn.dat
[2010.04.23 20:09:20 | 000,425,984 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Část z manuálu do balíčku.doc
[2010.04.21 22:52:25 | 000,000,176 | ---- | M] () -- C:\Documents and Settings\Admin\Dokumenty\cc_20100421_225222.reg
[2010.04.21 17:19:40 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\V jedné chaloupce žila koza se svými kůzlátky.doc
[2010.04.21 17:19:26 | 000,047,104 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Mustr priprava - Kopie.doc
[2010.04.21 16:39:19 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Jaro budí zvířátka...a jejich mláďátka...2010.doc
[2010.04.20 23:28:23 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\Admin\Dokumenty\cc_20100420_232820.reg
[2010.04.19 07:20:25 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\Admin\intlname.ols
[2010.04.17 20:36:15 | 000,000,176 | ---- | M] () -- C:\Documents and Settings\Admin\Dokumenty\cc_20100417_203610.reg

========== Files Created - No Company Name ==========

[2010.04.24 16:32:40 | 000,013,166 | -HS- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\3413392581
[2010.04.24 16:32:39 | 000,013,118 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\3413392581
[2010.04.24 16:32:39 | 000,013,118 | -HS- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\1891633005
[2010.04.24 16:23:03 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\Admin\oashdihasidhasuidhiasdhiashdiuasdhasd
[2010.04.24 16:22:33 | 000,013,170 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\1891633005
[2010.04.24 16:20:26 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.04.24 16:20:23 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.04.24 16:20:22 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.04.24 16:20:21 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.04.24 16:20:21 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.04.24 16:17:27 | 003,923,062 | R--- | C] () -- C:\Documents and Settings\Admin\Plocha\abraka.com
[2010.04.24 15:52:35 | 003,923,062 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\ComboFix.exe
[2010.04.24 15:00:30 | 000,013,170 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\I6vNTV7g2h23
[2010.04.24 15:00:29 | 000,224,768 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ave.exe
[2010.04.24 14:47:19 | 000,224,768 | -HS- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\MSASCui.exe
[2010.04.24 14:47:19 | 000,224,768 | -HS- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\ave.exe
[2010.04.24 14:47:19 | 000,224,768 | -HS- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\av.exe
[2010.04.24 14:47:19 | 000,013,170 | -HS- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\I6vNTV7g2h23
[2010.04.24 14:33:57 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\RSIT.exe
[2010.04.24 13:35:17 | 000,000,416 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\cc_20100424_133515.reg
[2010.04.24 13:26:02 | 000,098,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cdrom.sys
[2010.04.24 13:26:02 | 000,013,170 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\I6vNTV7g2h23
[2010.04.24 13:25:45 | 000,029,440 | ---- | C] () -- C:\WINDOWS\System32\wuaucldt.exe
[2010.04.24 13:25:45 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\NetworkService\Data aplikací\kcmdte.dat
[2010.04.24 13:25:42 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\avdrn.dat
[2010.04.23 20:09:20 | 000,425,984 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Část z manuálu do balíčku.doc
[2010.04.21 22:52:23 | 000,000,176 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\cc_20100421_225222.reg
[2010.04.21 17:19:40 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\V jedné chaloupce žila koza se svými kůzlátky.doc
[2010.04.21 16:39:18 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Jaro budí zvířátka...a jejich mláďátka...2010.doc
[2010.04.20 23:28:22 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\cc_20100420_232820.reg
[2010.04.17 20:36:11 | 000,000,176 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\cc_20100417_203610.reg
[2009.11.20 17:40:06 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.11.11 15:41:30 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.10.12 21:03:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2009.09.10 16:54:02 | 000,000,416 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009.09.10 16:54:02 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009.09.10 16:53:08 | 000,000,213 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2009.09.10 16:53:08 | 000,000,094 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2009.09.09 15:44:56 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008.04.14 14:00:00 | 000,098,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdrom.sys
[2007.05.11 00:03:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007.05.11 00:03:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007.05.11 00:03:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007.05.11 00:03:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007.05.11 00:03:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007.02.26 23:24:20 | 000,220,672 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2007.02.26 23:22:42 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2007.02.26 23:22:36 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2007.02.26 23:22:34 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2007.02.26 23:22:30 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2007.02.26 23:22:24 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2007.02.26 23:22:14 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2007.02.26 23:22:04 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2007.02.26 23:21:46 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2007.02.26 23:21:38 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2007.02.26 23:21:38 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2007.02.12 21:21:22 | 003,426,304 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2007.02.12 21:21:22 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\audxlib.dll
[2007.02.12 21:21:22 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2007.02.12 21:21:22 | 000,399,872 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2007.02.12 21:21:22 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2007.02.12 21:21:22 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2007.02.12 21:21:22 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2007.02.12 21:21:22 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2007.02.12 21:21:22 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2007.02.12 21:21:22 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2007.02.12 21:21:22 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2007.02.12 21:21:22 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2007.02.12 21:21:22 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2007.02.12 21:21:22 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2007.02.12 21:21:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2007.02.12 21:21:22 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2007.02.12 21:21:22 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2007.02.12 21:21:22 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007.02.12 21:21:22 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007.01.30 07:03:40 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006.11.01 16:54:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006.11.01 16:52:38 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006.07.07 17:51:02 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\FLT_ffdshow.dll
[2006.03.21 21:13:33 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.05.18 00:18:30 | 000,124,928 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll

========== LOP Check ==========

[2009.09.09 15:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\BinarySense
[2009.12.13 16:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Canon
[2009.10.16 19:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ESET
[2010.02.09 22:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2009.10.28 21:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
[2010.03.26 22:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\VSO
[2010.04.24 13:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avG
[2009.11.21 12:19:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2010.03.30 19:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
[2009.11.21 12:23:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2010.04.20 19:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2009.12.13 16:59:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2009.11.21 12:23:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenu
[2009.10.16 19:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.09.10 19:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.09.30 22:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PCSettings
[2009.10.28 21:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.10.28 21:32:30 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2010.04.24 16:22:10 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\Úklid 1 kliknutím.job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2010.03.09 10:02:14 | 026,100,520 | R--- | M] (Skype Technologies S.A.)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"syncman" = c:\documents and settings\admin\wuaucldt.exe -- File not found
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.10.11 12:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Adobe
[2009.09.09 15:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Ahead
[2009.09.09 15:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\BinarySense
[2009.09.10 16:56:37 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Admin\Data aplikací\Brother
[2009.12.13 16:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Canon
[2009.11.11 15:41:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DivX
[2009.10.16 19:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ESET
[2010.02.09 22:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2009.09.09 12:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Identities
[2009.09.09 12:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\InstallShield
[2009.09.10 19:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Macromedia
[2009.10.14 13:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Malwarebytes
[2010.02.13 09:06:16 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Admin\Data aplikací\Microsoft
[2009.09.10 19:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla
[2010.04.24 16:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Skype
[2010.04.24 16:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\skypePM
[2009.09.10 12:20:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Symantec
[2009.10.28 21:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
[2010.03.26 22:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\VSO
[2009.10.05 22:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2009.09.09 15:52:15 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{2EDC23E5-29FB-49D0-BF6D-F2D55EA25496}\_0F4BC114588B95640F7F3B.exe
[2009.09.09 15:52:15 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{2EDC23E5-29FB-49D0-BF6D-F2D55EA25496}\_3822ED5C6A689F7E906806.exe
[2009.09.09 15:52:15 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{2EDC23E5-29FB-49D0-BF6D-F2D55EA25496}\_6FEFF9B68218417F98F549.exe
[2009.09.09 15:52:15 | 000,062,526 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{2EDC23E5-29FB-49D0-BF6D-F2D55EA25496}\_A2BDAD1987E4FB1071BD84.exe
[2009.09.09 15:52:15 | 000,029,926 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{2EDC23E5-29FB-49D0-BF6D-F2D55EA25496}\_B3AF483CD1C894FD13F9F6.exe
[2010.02.18 17:19:08 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\ARPPRODUCTICON.exe
[2010.02.18 17:19:08 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
[2010.02.18 17:19:09 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\UNINST_Uninstall_VGA_D27BDB5D3B4C44F0A648BD00B0E79B39.exe
[2010.02.18 17:19:08 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe1_D27BDB5D3B4C44F0A648BD00B0E79B39.exe
[2010.02.18 17:19:09 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe
[2010.02.18 17:19:08 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe_D27BDB5D3B4C44F0A648BD00B0E79B39.exe

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATA.SYS >
[2006.10.18 16:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) MD5=EF9941593B2E9B436F64A87DDB570D1A -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 16:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.09.09 13:46:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.09.09 13:46:38 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.09.09 13:46:38 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.04.24 16:42:25 | 000,098,240 | ---- | M] () -- C:\WINDOWS\system32\drivers\cdrom.sys

< %systemroot%\system32\*.* /3 >
[2010.04.24 16:21:48 | 000,606,449 | ---- | M] () -- C:\WINDOWS\system32\oodbs.lor
[2010.04.24 13:25:45 | 000,029,440 | ---- | M] () -- C:\WINDOWS\system32\wuaucldt.exe
< End of report >

Ecinazuz · #8 Příspěvek od **Ecinazuz** » 24 dub 2010 17:15

========== OTL ==========
Process ave.exe killed successfully!
No active process named Data aplikací was found!
Process wuaucldt.exe killed successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\syncman deleted successfully.
C:\WINDOWS\system32\wuaucldt.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-583907252-162531612-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\syncman deleted successfully.
File move failed. C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\monxga32.exe scheduled to be moved on reboot.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\shell\open\command\\|"%1" %* /E : value set successfully!
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
Registry key HKEY_USERS\.DEFAULT\Software\Classes\.exe\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Classes\secfile\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
Registry key HKEY_USERS\S-1-5-18\Software\Classes\.exe\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Classes\secfile\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-583907252-162531612-682003330-1004_Classes\.exe\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-583907252-162531612-682003330-1004_Classes\secfile\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\syncman not found.
========== FILES ==========
File\Folder c:\documents and settings\admin\wuaucldt.exe not found.

OTL by OldTimer - Version 3.2.2.0 log created on 04242010_181201

Files\Folders moved on Reboot...
C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\monxga32.exe moved successfully.

Registry entries deleted on Reboot...

Ecinazuz · #9 Příspěvek od **Ecinazuz** » 24 dub 2010 17:20

log:
========== OTL ==========
Process ave.exe killed successfully!
No active process named Data aplikací was found!
Process wuaucldt.exe killed successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\syncman deleted successfully.
C:\WINDOWS\system32\wuaucldt.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-583907252-162531612-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\syncman deleted successfully.
File move failed. C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\monxga32.exe scheduled to be moved on reboot.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\shell\open\command\\|"%1" %* /E : value set successfully!
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
Registry key HKEY_USERS\.DEFAULT\Software\Classes\.exe\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Classes\secfile\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
Registry key HKEY_USERS\S-1-5-18\Software\Classes\.exe\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Classes\secfile\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-583907252-162531612-682003330-1004_Classes\.exe\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-583907252-162531612-682003330-1004_Classes\secfile\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\syncman not found.
========== FILES ==========
File\Folder c:\documents and settings\admin\wuaucldt.exe not found.

OTL by OldTimer - Version 3.2.2.0 log created on 04242010_181201

Files\Folders moved on Reboot...
C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění\monxga32.exe moved successfully.

Registry entries deleted on Reboot...

Ecinazuz · #10 Příspěvek od **Ecinazuz** » 24 dub 2010 17:25

a pořád mi tu vyskakují ty výstrahy- v příloze okno...když jsem tedy chtěla nabízenou registarci přijmout- nevezme mi to zase reg. klíč...se už picnu

Ecinazuz · #11 Příspěvek od **Ecinazuz** » 24 dub 2010 17:34

Ok- dělám nový sken OTL....co je to CF? a VT? /jsem lama

co?/

Ecinazuz · #12 Příspěvek od **Ecinazuz** » 24 dub 2010 17:39

posílám nový log z OTL- extras.txt

OTL Extras logfile created on: 24.4.2010 18:33:19 - Run 3
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Documents and Settings\Admin\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 155,24 Gb Total Space | 140,99 Gb Free Space | 90,82% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 77,64 Gb Total Space | 37,64 Gb Free Space | 48,48% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-D958691FD9
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.exe [@ = secfile] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ave.exe ()

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.exe [@ = secfile] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ave.exe ()

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.exe [@ = secfile] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ave.exe ()

[HKEY_USERS\S-1-5-21-583907252-162531612-682003330-1004\SOFTWARE\Classes\<extension>]
.exe [@ = secfile] -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\ave.exe ()
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series" = Canon MP630 series MP Drivers
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2EDC23E5-29FB-49D0-BF6D-F2D55EA25496}" = HDDlife
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1" = VSO Image Resizer 3.0.1.72
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{53480330-E1D1-41CA-B8F8-7F78644F7F50}" = O&O Defrag Professional Edition
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Premium
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{A1350B64-1AF8-497B-AC07-307DF67FB8D4}" = ESET Smart Security
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}" = VGA Utility
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF3D660E-E5CC-47FD-8050-1B4DE3BA81A9}" = Dual-Core Optimizer
"3FA1705966809259F916AF817C59B4F389F4572C" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Cole2k Media - Codec Pack" = Cole2k Media - Codec Pack (Advanced) 6.0.9
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Foxit PDF Editor" = Foxit PDF Editor
"HD Tune_is1" = HD Tune 2.50
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"MV2Player" = MV2Player (remove only)
"NOD32 v3.x FiX 1.1 by TemDono_is1" = NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)
"NVIDIA Drivers" = NVIDIA Drivers
"Registrace uživatele zařízení Canon MP630 series" = Registrace uživatele zařízení Canon MP630 series
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22.4.2010 0:47:13 | Computer Name = HOME-D958691FD9 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 22.4.2010 10:09:18 | Computer Name = HOME-D958691FD9 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 22.4.2010 19:46:32 | Computer Name = HOME-D958691FD9 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 23.4.2010 0:46:11 | Computer Name = HOME-D958691FD9 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 23.4.2010 10:32:55 | Computer Name = HOME-D958691FD9 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 23.4.2010 23:32:33 | Computer Name = HOME-D958691FD9 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 24.4.2010 1:42:43 | Computer Name = HOME-D958691FD9 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 24.4.2010 8:47:25 | Computer Name = HOME-D958691FD9 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 24.4.2010 8:48:40 | Computer Name = HOME-D958691FD9 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.2.3743, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 24.4.2010 10:21:59 | Computer Name = HOME-D958691FD9 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

[ System Events ]
Error - 24.4.2010 8:26:40 | Computer Name = HOME-D958691FD9 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 24.4.2010 8:47:57 | Computer Name = HOME-D958691FD9 | Source = Service Control Manager | ID = 7000
Description = Služba TVICHW32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 24.4.2010 8:47:59 | Computer Name = HOME-D958691FD9 | Source = Service Control Manager | ID = 7000
Description = Služba TVICHW32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 24.4.2010 10:00:48 | Computer Name = HOME-D958691FD9 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 001D7D9061E7
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 24.4.2010 10:20:49 | Computer Name = HOME-D958691FD9 | Source = Service Control Manager | ID = 7034
Description = Služba DVD-RAM_Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 24.4.2010 10:22:09 | Computer Name = HOME-D958691FD9 | Source = Service Control Manager | ID = 7000
Description = Služba TVICHW32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 24.4.2010 10:22:10 | Computer Name = HOME-D958691FD9 | Source = Service Control Manager | ID = 7000
Description = Služba TVICHW32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 24.4.2010 12:14:18 | Computer Name = HOME-D958691FD9 | Source = Service Control Manager | ID = 7000
Description = Služba TVICHW32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 24.4.2010 12:14:18 | Computer Name = HOME-D958691FD9 | Source = Service Control Manager | ID = 7000
Description = Služba TVICHW32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 24.4.2010 12:14:26 | Computer Name = HOME-D958691FD9 | Source = System Error | ID = 1003
Description = Kód chyby 1000000a, parametr1 0000004c, parametr2 0000001c, parametr3
00000000, parametr4 804fa276.

[ TuneUp Events ]
Error - 13.1.2010 18:47:01 | Computer Name = HOME-D958691FD9 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-13 23:47:01', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','4088',0)

Error - 14.1.2010 17:38:31 | Computer Name = HOME-D958691FD9 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-14 22:38:31', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','424',0)

Error - 14.1.2010 17:38:36 | Computer Name = HOME-D958691FD9 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-14 22:38:36', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2972',0)

Error - 14.1.2010 17:38:51 | Computer Name = HOME-D958691FD9 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-14 22:38:51', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2148',0)

Error - 14.1.2010 17:39:21 | Computer Name = HOME-D958691FD9 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-14 22:39:21', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2128',0)

Error - 31.1.2010 12:07:45 | Computer Name = HOME-D958691FD9 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-01-31 17:07:45', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2280',0)

Error - 8.2.2010 14:29:43 | Computer Name = HOME-D958691FD9 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-02-08 19:29:43', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2140',0)

Error - 8.2.2010 14:29:48 | Computer Name = HOME-D958691FD9 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-02-08 19:29:48', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','1496',0)

Error - 8.2.2010 14:30:13 | Computer Name = HOME-D958691FD9 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-02-08 19:30:13', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','1140',0)

Error - 16.3.2010 9:16:12 | Computer Name = HOME-D958691FD9 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-03-16 14:16:12', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2920',0)

< End of report >

Ecinazuz · #13 Příspěvek od **Ecinazuz** » 24 dub 2010 17:47

MD5: 6b4bffb9becd728097024276430db314
Poprvé zaslán: 2009.05.31 12:35:14 UTC
Datum: 2010.04.21 09:39:52 UTC [>3D]
Výsledky: 0/40
Stálý odkaz: analisis/4451efead37b05c8a3cb610b6d72e73b55d3d1e1cc1b17405598c1edaa93c2d5-1271842792
http://www.virustotal.com/cs/reanalisis ... 1272127553

Ecinazuz · #14 Příspěvek od **Ecinazuz** » 24 dub 2010 18:02

už to jede- jenže jsem ve zbrklotsi spustila combofix- ne abrakaúsnad to není velká chyba/...a už čekám na log- ...připravuji log report....tentokrát proběhly fáze testování, něco to smazalo....tak to sem snad za chvilku hodím

/jak dlouho to může trvat- to vytvoření logu?...stále je aktivní modré okno připravuji log/

Ecinazuz · #15 Příspěvek od **Ecinazuz** » 24 dub 2010 18:20

Ok- čekám...pořád nic, ale stále bliká kurzor, takže to asi maká....

VIRY.CZ

XP internet security- hází varovné hlášky- prosím o kontrolu

XP internet security- hází varovné hlášky- prosím o kontrolu

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont

Re: XP internet security- hází varovné hlášky- prosím o kont