Conflicker/Win64+32

toomuuula
Visitor
Posts: 70
Registered: 14 Apr 2007 11:55

Conflicker/Win64+32

#1 Post by toomuuula »

Hello, for now I'm only posting screenshots; I can't run ComboFix or anything like it, because right after Windows starts it throws up that screen. And nothing can be done.

I'm using Win7. I'm going to go make a ComboFix log; I hope that works in safe mode too.

http://ulozto.cz/4815359/conf.rar

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Conflicker/Win64+32

#2 Post by motji »

Good evening :)
Before you run ComboFix (we don't recommend it without an adviser's supervision, you could damage your system), please post an RSIT log here and I'll take a look :)
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting your computer :!:
Want to support our forum? Information here

I'm usually reachable at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

Re: Conflicker/Win64+32

#3 Post by toomuuula »

Sorry, too late :(

ComboFix 10-05-12.06 - Tomas 13.05.2010 18:00:18.2.2 - x86 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2815.2092 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\system\system32.exe
D:\install.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-13 do 2010-05-13 )))))))))))))))))))))))))))))))
.

2010-05-13 16:06 . 2010-05-13 16:06 -------- d-----w- c:\users\Tomas\AppData\Local\temp
2010-05-13 16:06 . 2010-05-13 16:06 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-05-13 16:06 . 2010-05-13 16:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-13 15:55 . 2010-05-13 15:55 3688516 ----a-r- C:\ComboFix.exe
2010-05-13 14:42 . 2010-05-13 14:42 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-05-13 10:46 . 2010-05-13 16:05 -------- d-----w- c:\program files\System
2010-05-13 10:30 . 2010-05-13 10:30 -------- d-----w- c:\program files\Valve
2010-05-13 09:53 . 2010-05-13 09:53 -------- d-----w- c:\programdata\ATI
2010-05-13 09:14 . 2010-05-13 09:14 -------- d-----w- c:\users\Tomas\AppData\Local\ElevatedDiagnostics
2010-05-13 09:14 . 2010-05-13 09:14 -------- d--h--w- c:\windows\PIF
2010-05-10 09:06 . 2010-05-10 09:15 -------- d-----w- c:\program files\Uloz.to Uploader
2010-05-07 23:03 . 2010-05-07 23:05 -------- d--h--w- c:\programdata\ActiveSMART
2010-05-07 13:15 . 2010-05-07 13:15 -------- d-----w- c:\users\Tomas\AppData\Roaming\HD Tune Pro
2010-05-07 13:15 . 2010-05-07 23:05 -------- d-----w- c:\program files\HD Tune Pro
2010-05-07 09:38 . 2010-05-07 09:38 -------- d-----w- c:\program files\Ubisoft
2010-05-07 08:32 . 1994-09-20 22:00 12800 ----a-w- c:\windows\system\WING32.DLL
2010-05-07 08:30 . 2010-05-07 08:32 -------- d-----w- c:\program files\trend micro
2010-05-03 19:45 . 2010-05-03 19:45 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-05-03 15:04 . 2010-05-03 15:04 -------- d-----w- c:\program files\GameSpy Arcade
2010-05-03 13:49 . 2010-05-03 13:49 -------- d-----w- c:\program files\SystemRequirementsLab
2010-05-03 13:49 . 2010-05-03 13:49 -------- d-----w- c:\users\Tomas\SystemRequirementsLab
2010-04-26 10:43 . 2010-05-13 14:42 -------- d-----w- c:\program files\uTorrent
2010-04-26 10:43 . 2010-05-13 10:26 -------- d-----w- c:\users\Tomas\AppData\Roaming\uTorrent
2010-04-25 09:13 . 2010-05-07 08:59 -------- d-----w- c:\program files\Share Rapid Uploader
2010-04-24 14:44 . 2010-04-24 14:44 -------- d-----w- c:\program files\directx
2010-04-24 14:43 . 2010-05-03 15:05 -------- d-----w- c:\program files\3do
2010-04-21 17:47 . 2010-04-21 17:47 -------- d-----w- c:\program files\Common Files\PCSuite
2010-04-20 14:53 . 2010-04-20 14:53 -------- d-----w- c:\program files\PC Connectivity Solution

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-13 15:34 . 2010-03-04 14:13 -------- d-----w- c:\users\Tomas\AppData\Roaming\DNA
2010-05-13 15:32 . 2010-03-04 14:13 -------- d-----w- c:\program files\DNA
2010-05-12 21:02 . 2010-03-04 13:03 -------- d-----w- c:\users\Tomas\AppData\Roaming\Skype
2010-05-12 20:40 . 2010-03-04 13:05 -------- d-----w- c:\users\Tomas\AppData\Roaming\skypePM
2010-05-12 14:12 . 2010-03-30 16:43 1 ----a-w- c:\users\Tomas\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-05-11 15:37 . 2010-03-04 13:16 -------- d-----w- c:\program files\JDownloader
2010-05-10 17:13 . 2009-07-14 08:44 625914 ----a-w- c:\windows\system32\perfh005.dat
2010-05-10 17:13 . 2009-07-14 08:44 120000 ----a-w- c:\windows\system32\perfc005.dat
2010-05-07 09:38 . 2010-03-04 14:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-04 07:37 . 2010-04-02 13:44 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-05-04 07:37 . 2010-04-02 13:43 215128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-05-02 14:51 . 2010-03-04 14:44 -------- d-----w- c:\program files\Common Files\Steam
2010-04-21 17:47 . 2010-03-04 15:00 -------- d-----w- c:\program files\Common Files\Nokia
2010-04-21 06:43 . 2010-03-04 13:01 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-20 16:30 . 2010-04-20 16:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-04-20 14:53 . 2010-03-04 15:00 -------- d-----w- c:\program files\DIFX
2010-04-20 14:53 . 2010-03-04 14:59 -------- d-----w- c:\program files\Nokia
2010-04-20 14:21 . 2010-03-04 15:03 -------- d-----w- c:\users\Tomas\AppData\Roaming\PC Suite
2010-04-20 14:21 . 2010-03-04 15:03 -------- d-----w- c:\users\Tomas\AppData\Roaming\Nokia
2010-04-06 15:22 . 2010-04-06 15:22 -------- d--h--w- c:\programdata\CanonIJEGV
2010-04-06 14:14 . 2010-04-06 14:14 -------- d-----w- c:\program files\linguatec
2010-04-06 14:13 . 2010-04-01 16:00 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-02 14:57 . 2010-04-02 13:43 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-04-02 06:46 . 2010-04-02 06:46 -------- d-----w- c:\program files\GamePark
2010-03-31 10:30 . 2010-03-31 10:30 -------- d-----w- c:\program files\AMD
2010-03-30 16:42 . 2010-03-30 16:42 -------- d-----w- c:\users\Tomas\AppData\Roaming\OpenOffice.org
2010-03-27 08:07 . 2010-03-27 08:07 -------- d-----w- c:\users\Tomas\AppData\Roaming\Ubisoft
2010-03-25 19:15 . 2010-03-04 14:54 -------- d-----w- c:\users\Tomas\AppData\Roaming\BSplayer
2010-03-24 17:54 . 2010-03-24 17:54 -------- d-----w- c:\program files\AGEIA Technologies
2010-03-23 11:21 . 2010-03-23 09:52 -------- d-----w- c:\users\Tomas\AppData\Roaming\BatteryBar
2010-03-21 14:15 . 2010-03-21 14:15 -------- d-----w- c:\program files\Common Files\SWF Studio
2010-03-18 19:27 . 2010-03-18 19:27 -------- d-----w- c:\program files\Intelore
2010-03-15 12:36 . 2010-03-15 12:36 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-15 12:36 . 2010-03-04 13:01 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-15 12:35 . 2010-03-04 13:01 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-07 10:13 . 2010-03-07 10:13 592 ----a-w- c:\windows\eReg.dat
2010-03-06 14:23 . 2010-03-06 14:23 520192 ----a-w- c:\programdata\LangSoft\WebIE.dll
2010-03-06 14:23 . 2010-03-06 14:23 299008 ----a-w- c:\programdata\LangSoft\TrnWord.dll
2010-03-06 14:23 . 2010-03-06 14:23 356352 ----a-w- c:\programdata\LangSoft\TrnOutl.dll
2010-03-04 15:05 . 2010-03-04 13:17 108824 ----a-w- c:\users\Tomas\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-04 15:03 . 2010-03-04 15:03 10134 ----a-r- c:\users\Tomas\AppData\Roaming\Microsoft\Installer\{1BFF0EA4-DFD8-8E28-90D4-8E435C7E0AAB}\ARPPRODUCTICON.exe
2010-03-04 13:26 . 2010-03-04 13:26 0 ----a-w- c:\windows\nsreg.dat
2010-03-04 13:16 . 2010-03-04 13:16 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-04 13:12 . 2010-03-04 13:12 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-03-04 13:07 . 2010-03-04 13:07 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-04 12:39 . 2010-03-04 12:39 0 ----a-w- c:\windows\ativpsrm.bin
2010-02-26 11:32 . 2010-03-04 14:59 92672 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2010-03-04 323392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-11 98304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-14 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr "= 1

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKLM\~\startupfolder\C:^Users^Tomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2008-03-17 16:06 1848648 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-03-10 16:20 689488 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2009-10-26 15:26 753664 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PcSync2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 08:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-04 691696]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-03-15 216200]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-04-21 242896]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-15 172032]
R2 AMDFusionSVC;Služby softwarového nástroje AMD Fusion;c:\program files\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe [2009-09-08 383544]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-03-15 916760]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-15 308064]
R3 GarenaPEngine;GarenaPEngine;c:\users\Tomas\AppData\Local\Temp\CUCB671.tmp [x]
R3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]

.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\02fvkofh.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedie (cs)
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-RunOnce-<NO NAME> - (no file)
AddRemove-Nokia PC Suite - c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_cze.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GarenaPEngine]
"ImagePath"="\??\c:\users\Tomas\AppData\Local\Temp\CUCB671.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-05-13 18:08:30
ComboFix-quarantined-files.txt 2010-05-13 16:08

Před spuštěním: Volných bajtů: 32 256 262 144
Po spuštění: Volných bajtů: 32 744 562 688

- - End Of File - - 8731360C1C5A1D1AA09D1D1D4B978A34

Re: Conflicker/Win64+32

#4 Post by toomuuula »

By the way, I just tried running RSIT; it doesn't work, it has compatibility problems on Win7, and since I'm doing this in safe mode I can't switch it so that it runs under Win XP.

Re: Conflicker/Win64+32

#5 Post by motji »

→ Do you use Garena?
→ In the RSIT link, the second post has instructions on how to run it in compatibility mode.
→ How does the computer look now?
→ Do you know where you caught the virus? On which sites or with which file? If so, please send it to me by private message :)

Re: Conflicker/Win64+32

#6 Post by toomuuula »

I do use Garena.
I followed that guide; it doesn't work :)
Hold on, I'll switch over to Win7 and write whether it still does it; it deleted some file, so we'll see.
I think I caught it from my son; he was downloading some kind of hack for some game ...

I'm going to go see what the system is doing.

Re: Conflicker/Win64+32

#7 Post by motji »

All right.. let me know. If you had that crack, I'd be glad to have it - for further tests :D

Re: Conflicker/Win64+32

#8 Post by toomuuula »

OK, I'm here and everything is fine. I hope; apparently it's flagged as suspicious, I'll post the link.
I'd also like to ask which antivirus or something similar you would recommend; lately I've been having quite a problem with these viruses.
Last edited by toomuuula on 13 May 2010 17:51; edited 1 time in total.

Re: Conflicker/Win64+32

#9 Post by motji »

Please delete the link so that nobody else gets infected :) I already have it, thank you :)

Re: Conflicker/Win64+32

#10 Post by toomuuula »

Done!

Re: Conflicker/Win64+32

#11 Post by toomuuula »

Then let me know how it turned out ...
Oh, and I'd like help with one more thing: either RSIT or ComboFix creates a Program data + Boot folder on my PC and it can't be moved to the Recycle Bin; do you know how to remove it?

Re: Conflicker/Win64+32

#12 Post by motji »

Instead of RSIT, send me a log from OTL

→ Uninstall ComboFix via Start - Run
- copy into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes its associated files and folders.


***********


→ Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm the choice, press the A key, Enter
- after use, delete the program. Note: antivirus programs may falsely flag it as a virus



***********


→ Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis click Run CCleaner

Registry tab
- click Scan for issues
- then click Fix selected issues -- making a registry backup - you don't have to
- click Fix all issues → OK → Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

CCleaner - I recommend using the cleaner; it nicely clears temporary files from the PC.
It cleans the registry, for example after uninstalling a program.


***********




→ Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- a window opens; in it tick Scan All Users, File Scan,
- copy this script into the white box at the bottom:

netsvcs
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5
%SYSTEMDRIVE%\viamraid.sys /s /md5
%SYSTEMDRIVE%\nvata.sys /s /md5
CREATERESTOREPOINT

- click the Run scan button.
- the scan will run and two logs will appear; paste the contents of both here :)


→ Instead of AVG, better install Avast, and above all no keygens and cracks :roll:

Re: Conflicker/Win64+32

#13 Post by toomuuula »

I have CCleaner and use it. I'm going to run those logs and post them here; oh, and those files still can't be removed even after all that :(

Re: Conflicker/Win64+32

#14 Post by toomuuula »

OTL logfile created on: 13.5.2010 22:54:35 - Run 2
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Tomas\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106,68 Gb Total Space | 30,66 Gb Free Space | 28,74% Space Free | Partition Type: NTFS
Drive D: | 116,44 Gb Total Space | 21,10 Gb Free Space | 18,12% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOMAS-PC
Current User Name: Tomas
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.13 22:51:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
PRC - [2010.05.10 14:31:38 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Hry\Steam\Steam.exe
PRC - [2010.04.21 08:43:59 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.04.09 09:51:14 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010.04.04 07:33:28 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.04.02 08:29:33 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.03.15 14:36:10 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.03.15 14:36:08 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.03.15 14:35:38 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010.03.04 16:13:43 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
PRC - [2010.01.29 19:32:04 | 000,268,928 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2010.01.04 18:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.09.08 12:48:24 | 000,383,544 | ---- | M] (Advanced Micro Devices) -- C:\Program Files\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe
PRC - [2009.07.15 04:14:52 | 000,352,256 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.07.15 04:14:24 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.06.15 18:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.12.09 15:10:12 | 005,062,144 | ---- | M] (QIP) -- C:\QIP Infium\infium.exe
PRC - [2008.02.01 16:17:26 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2008.01.23 11:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2008.01.11 23:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
PRC - [2007.12.04 11:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007.11.04 20:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe


========== Modules (SafeList) ==========

MOD - [2010.05.13 22:51:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.05.02 14:00:29 | 000,390,952 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.03.15 14:36:08 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.03.15 14:35:38 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010.02.26 15:14:04 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.09.08 12:48:24 | 000,383,544 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe -- (AMDFusionSVC)
SRV - [2009.07.15 04:14:24 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) Protokol PNRP (Peer Name Resolution Protocol)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalační program ovládacích prvků ActiveX (AxInstSV)
SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009.06.15 18:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)


========== Driver Services (SafeList) ==========

DRV - [2010.04.21 08:43:59 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.03.15 14:36:10 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.03.15 14:35:37 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.03.04 15:07:57 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.10.05 17:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.07.15 06:22:48 | 005,068,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 01:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.14 00:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009.07.14 00:02:52 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.04.22 14:32:20 | 000,042,552 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.12.14 16:11:58 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========







IE - HKU\S-1-5-21-1337111067-369123402-741310898-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1337111067-369123402-741310898-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-1337111067-369123402-741310898-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-1337111067-369123402-741310898-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FA 18 71 A1 9C BB CA 01 [binary data]
IE - HKU\S-1-5-21-1337111067-369123402-741310898-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Wikipedie (cs)"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.01 08:13:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.15 12:14:59 | 000,000,000 | ---D | M]

[2010.03.04 15:27:17 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Mozilla\Extensions
[2010.05.13 21:15:05 | 000,000,000 | ---D | M] -- C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\02fvkofh.default\extensions
[2010.03.06 16:23:52 | 000,000,000 | ---D | M] (WebTran) -- C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\02fvkofh.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2010.03.04 15:19:19 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1337111067-369123402-741310898-1001..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-1337111067-369123402-741310898-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1337111067-369123402-741310898-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1337111067-369123402-741310898-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1337111067-369123402-741310898-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 77.240.190.129 81.19.5.10
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009.07.14 04:37:08 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2010.05.13 22:51:07 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
[2010.05.13 21:07:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2010.05.13 21:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.05.13 18:08:34 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.05.13 18:08:32 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.05.13 18:08:32 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\temp
[2010.05.13 12:46:37 | 000,000,000 | ---D | C] -- C:\Program Files\System
[2010.05.13 12:30:51 | 000,000,000 | ---D | C] -- C:\Program Files\Valve
[2010.05.13 11:14:15 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Local\ElevatedDiagnostics
[2010.05.13 11:14:08 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2010.05.10 11:06:10 | 000,000,000 | ---D | C] -- C:\Program Files\Uloz.to Uploader
[2010.05.10 09:43:14 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\zprava_1705
[2010.05.08 01:03:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\ActiveSMART
[2010.05.07 15:15:43 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\HD Tune Pro
[2010.05.07 15:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune Pro
[2010.05.07 11:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010.05.07 11:01:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010.05.07 10:32:04 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\WING32.DLL
[2010.05.07 10:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.05 18:54:31 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\MIX
[2010.05.04 18:27:01 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Desktop\Neighbours From Hell 1
[2010.05.04 09:37:22 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Documents\BFBC2
[2010.05.03 17:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\GameSpy Arcade
[2010.05.03 15:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010.05.03 15:49:46 | 000,000,000 | ---D | C] -- C:\Users\Tomas\SystemRequirementsLab
[2010.05.02 20:13:20 | 000,000,000 | ---D | C] -- C:\Users\Tomas\Documents\JoWooD
[2010.04.26 12:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010.04.26 12:43:15 | 000,000,000 | ---D | C] -- C:\Users\Tomas\AppData\Roaming\uTorrent
[2010.04.25 11:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Share Rapid Uploader
[2010.04.24 16:44:27 | 000,000,000 | ---D | C] -- C:\Program Files\directx
[2010.04.24 16:43:25 | 000,000,000 | ---D | C] -- C:\Program Files\3do
[2010.04.21 19:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2010.04.20 16:53:48 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution

========== Files - Modified Within 30 Days ==========

[2010.05.13 22:55:31 | 002,621,440 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT
[2010.05.13 22:51:07 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Tomas\Desktop\OTL.exe
[2010.05.13 20:45:27 | 003,727,311 | ---- | M] () -- C:\Users\Tomas\Desktop\MIra.rar
[2010.05.13 20:29:57 | 001,454,258 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.13 20:29:57 | 000,625,914 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.05.13 20:29:57 | 000,610,094 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.13 20:29:57 | 000,120,000 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.05.13 20:29:57 | 000,104,412 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.13 20:11:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.13 18:54:09 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.13 18:54:09 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.13 18:51:36 | 059,932,514 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010.05.13 18:46:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.13 18:46:48 | 2213,920,768 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.13 18:15:03 | 000,824,681 | ---- | M] () -- C:\RSIT.exe
[2010.05.13 18:06:43 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.05.13 13:04:57 | 000,001,296 | ---- | M] () -- C:\Users\Tomas\Desktop\SRDownloader.nast
[2010.05.13 12:05:24 | 002,105,452 | ---- | M] () -- C:\Users\Tomas\Desktop\MW2Client-from-New.rar
[2010.05.13 11:47:57 | 080,924,816 | ---- | M] () -- C:\Users\Tomas\Desktop\DLC_Maps.part2.rar
[2010.05.13 11:44:58 | 208,666,624 | ---- | M] () -- C:\Users\Tomas\Desktop\DLC_Maps.part1.rar
[2010.05.13 11:44:37 | 151,532,833 | ---- | M] () -- C:\Users\Tomas\Desktop\MW2Client-from-Old.rar
[2010.05.11 12:52:49 | 001,145,124 | ---- | M] () -- C:\Users\Tomas\Desktop\macgyver.mp3
[2010.05.10 11:17:52 | 000,018,562 | ---- | M] () -- C:\Users\Tomas\Desktop\templang.fup
[2010.05.10 11:12:28 | 615,442,207 | ---- | M] () -- C:\Users\Tomas\Desktop\Justin Timberlake - Greatest Hits 2008.rar
[2010.05.09 21:48:18 | 000,467,456 | ---- | M] () -- C:\Users\Tomas\Desktop\FYZ UHLI.doc
[2010.05.07 10:24:08 | 000,524,288 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{d11bfd17-59b1-11df-8c22-060025fb0013}.TMContainer00000000000000000002.regtrans-ms
[2010.05.07 10:24:08 | 000,524,288 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{d11bfd17-59b1-11df-8c22-060025fb0013}.TMContainer00000000000000000001.regtrans-ms
[2010.05.07 10:24:08 | 000,065,536 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{d11bfd17-59b1-11df-8c22-060025fb0013}.TM.blf
[2010.05.07 10:07:32 | 000,524,288 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{826d6392-59af-11df-b692-0600e34f3017}.TMContainer00000000000000000002.regtrans-ms
[2010.05.07 10:07:32 | 000,524,288 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{826d6392-59af-11df-b692-0600e34f3017}.TMContainer00000000000000000001.regtrans-ms
[2010.05.07 10:07:32 | 000,065,536 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{826d6392-59af-11df-b692-0600e34f3017}.TM.blf
[2010.05.06 16:21:08 | 000,001,667 | ---- | M] () -- C:\Users\Tomas\Desktop\L4D2 Control Center.lnk
[2010.05.06 16:21:07 | 000,001,636 | ---- | M] () -- C:\Users\Tomas\Desktop\Left 4 Dead 2.lnk
[2010.05.04 09:37:38 | 000,139,128 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.05.04 09:37:29 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.05.03 21:45:06 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010.05.02 13:19:21 | 000,000,660 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2010.05.02 13:19:21 | 000,000,660 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 MP.lnk
[2010.04.29 23:53:27 | 000,524,288 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{6f0c3863-53b2-11df-b936-04004a0beae4}.TMContainer00000000000000000002.regtrans-ms
[2010.04.29 23:53:27 | 000,524,288 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{6f0c3863-53b2-11df-b936-04004a0beae4}.TMContainer00000000000000000001.regtrans-ms
[2010.04.29 23:53:27 | 000,065,536 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{6f0c3863-53b2-11df-b936-04004a0beae4}.TM.blf
[2010.04.26 12:43:40 | 000,000,916 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.04.25 21:35:02 | 001,048,576 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{c57c40dd-42fa-11df-9e88-04006da500f8}.TxR.2.regtrans-ms
[2010.04.25 21:35:02 | 001,048,576 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{c57c40dd-42fa-11df-9e88-04006da500f8}.TxR.1.regtrans-ms
[2010.04.25 21:35:01 | 001,048,576 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{c57c40dd-42fa-11df-9e88-04006da500f8}.TxR.0.regtrans-ms
[2010.04.25 21:35:01 | 000,065,536 | -HS- | M] () -- C:\Users\Tomas\NTUSER.DAT{c57c40dd-42fa-11df-9e88-04006da500f8}.TxR.blf
[2010.04.21 19:47:15 | 000,001,999 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Pc suite.lnk
[2010.04.21 08:43:59 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010.04.20 18:30:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
[2010.04.20 16:52:31 | 000,002,091 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2010.04.19 17:32:08 | 000,015,363 | ---- | M] () -- C:\Users\Tomas\Desktop\čj 9.docx
[2010.04.15 12:14:59 | 000,001,987 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

========== Files Created - No Company Name ==========

[2010.05.13 20:45:25 | 003,727,311 | ---- | C] () -- C:\Users\Tomas\Desktop\MIra.rar
[2010.05.13 18:15:17 | 000,824,681 | ---- | C] () -- C:\RSIT.exe
[2010.05.13 12:05:19 | 002,105,452 | ---- | C] () -- C:\Users\Tomas\Desktop\MW2Client-from-New.rar
[2010.05.13 11:45:04 | 080,924,816 | ---- | C] () -- C:\Users\Tomas\Desktop\DLC_Maps.part2.rar
[2010.05.13 11:34:42 | 208,666,624 | ---- | C] () -- C:\Users\Tomas\Desktop\DLC_Maps.part1.rar
[2010.05.13 11:30:46 | 151,532,833 | ---- | C] () -- C:\Users\Tomas\Desktop\MW2Client-from-Old.rar
[2010.05.11 12:52:33 | 001,145,124 | ---- | C] () -- C:\Users\Tomas\Desktop\macgyver.mp3
[2010.05.10 11:17:35 | 000,018,562 | ---- | C] () -- C:\Users\Tomas\Desktop\templang.fup
[2010.05.10 11:07:28 | 615,442,207 | ---- | C] () -- C:\Users\Tomas\Desktop\Justin Timberlake - Greatest Hits 2008.rar
[2010.05.09 21:44:24 | 000,467,456 | ---- | C] () -- C:\Users\Tomas\Desktop\FYZ UHLI.doc
[2010.05.07 10:24:08 | 000,524,288 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{d11bfd17-59b1-11df-8c22-060025fb0013}.TMContainer00000000000000000002.regtrans-ms
[2010.05.07 10:24:08 | 000,524,288 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{d11bfd17-59b1-11df-8c22-060025fb0013}.TMContainer00000000000000000001.regtrans-ms
[2010.05.07 10:24:08 | 000,065,536 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{d11bfd17-59b1-11df-8c22-060025fb0013}.TM.blf
[2010.05.07 10:07:32 | 000,524,288 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{826d6392-59af-11df-b692-0600e34f3017}.TMContainer00000000000000000002.regtrans-ms
[2010.05.07 10:07:32 | 000,524,288 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{826d6392-59af-11df-b692-0600e34f3017}.TMContainer00000000000000000001.regtrans-ms
[2010.05.07 10:07:32 | 000,065,536 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{826d6392-59af-11df-b692-0600e34f3017}.TM.blf
[2010.05.06 16:21:08 | 000,001,667 | ---- | C] () -- C:\Users\Tomas\Desktop\L4D2 Control Center.lnk
[2010.05.06 16:21:07 | 000,001,636 | ---- | C] () -- C:\Users\Tomas\Desktop\Left 4 Dead 2.lnk
[2010.05.03 21:45:06 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010.05.02 13:19:21 | 000,000,660 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2010.05.02 13:19:21 | 000,000,660 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 MP.lnk
[2010.04.29 19:13:16 | 000,524,288 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{6f0c3863-53b2-11df-b936-04004a0beae4}.TMContainer00000000000000000002.regtrans-ms
[2010.04.29 19:13:16 | 000,524,288 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{6f0c3863-53b2-11df-b936-04004a0beae4}.TMContainer00000000000000000001.regtrans-ms
[2010.04.29 19:13:16 | 000,065,536 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{6f0c3863-53b2-11df-b936-04004a0beae4}.TM.blf
[2010.04.26 12:43:40 | 000,000,916 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.04.25 21:35:02 | 001,048,576 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{c57c40dd-42fa-11df-9e88-04006da500f8}.TxR.2.regtrans-ms
[2010.04.25 21:35:02 | 001,048,576 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{c57c40dd-42fa-11df-9e88-04006da500f8}.TxR.1.regtrans-ms
[2010.04.25 21:35:01 | 001,048,576 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{c57c40dd-42fa-11df-9e88-04006da500f8}.TxR.0.regtrans-ms
[2010.04.25 21:35:01 | 000,065,536 | -HS- | C] () -- C:\Users\Tomas\NTUSER.DAT{c57c40dd-42fa-11df-9e88-04006da500f8}.TxR.blf
[2010.04.21 19:47:15 | 000,001,999 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Pc suite.lnk
[2010.04.21 19:16:08 | 000,001,296 | ---- | C] () -- C:\Users\Tomas\Desktop\SRDownloader.nast
[2010.04.20 18:30:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
[2010.04.20 16:52:31 | 000,002,091 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2010.04.15 13:27:03 | 000,015,363 | ---- | C] () -- C:\Users\Tomas\Desktop\čj 9.docx
[2010.04.02 15:44:25 | 000,139,128 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.04.02 15:43:41 | 000,000,271 | ---- | C] () -- C:\Windows\game.ini
[2010.03.06 16:23:16 | 000,002,686 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2010.03.06 16:21:51 | 000,000,053 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2010.03.04 15:07:57 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.19 21:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2010.05.13 18:15:03 | 000,824,681 | ---- | M] () -- C:\RSIT.exe

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

< End of report >

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Conflicker/Win64+32

#15 Post by motji »

:o Which files can't be removed?