Virus problem

#1 Post by pepaa »

Hello, I'd like to ask: I have a trial version of Norton and it found about 50 infected files. I don't know much about this, so I'm posting the log here; please check it... thanks... I'm not sure whether I have a virus...

Logfile of random's system information tool 1.07 (written by random/random)
Run by kk at 2010-05-20 16:29:28
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 11 GB (14%) free of 76 GB
Total RAM: 511 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:29:44, on 20.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS2\System32\smss.exe
C:\WINDOWS2\system32\winlogon.exe
C:\WINDOWS2\system32\services.exe
C:\WINDOWS2\system32\lsass.exe
C:\WINDOWS2\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\system32\spoolsv.exe
C:\WINDOWS2\Explorer.EXE
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\WINDOWS2\SOUNDMAN.EXE
C:\WINDOWS2\system32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Keyboard Driver\OEMDriver.exe
C:\Program Files\RK Launcher\RKLauncher.exe
C:\WINDOWS2\Alt+Q Hotkey.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Program Files\YzShadow\YzShadow.exe
C:\WINDOWS2\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\ManyCam 2.4\ManyCam.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS2\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\kk\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\kk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2086743
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [System Files Updater] C:\WINDOWS2\FlyakiteOSX\Tools\System Files Updater.exe /S
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KBDriver] C:\Program Files\Keyboard Driver\OEMDriver.exe
O4 - HKCU\..\Run: [RK Launcher] C:\Program Files\RK Launcher\RKLauncher.exe
O4 - HKCU\..\Run: [Alt+Q Hotkey Tool] C:\WINDOWS2\Alt+Q Hotkey.exe
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [Yz Shadow] C:\Program Files\YzShadow\YzShadow.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS2\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.4\ManyCam.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS2\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS2\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS2\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS2\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 8599432406
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS2\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS2\system32\browseui.dll
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

--
End of file - 7688 bytes

======Scheduled tasks folder======

C:\WINDOWS2\tasks\AppleSoftwareUpdate.job
C:\WINDOWS2\tasks\MP Scheduled Scan.job
C:\WINDOWS2\tasks\Norton Security Scan for kk.job
C:\WINDOWS2\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}]
PHPNukeEN Toolbar - C:\Program Files\PHPNukeEN\tbPHPN.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-20 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
{dd02a4eb-4afd-4d60-99d8-e67f964ca813} - PHPNukeEN Toolbar - C:\Program Files\PHPNukeEN\tbPHPN.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-02-21 1093208]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"SoundMan"=C:\WINDOWS2\SOUNDMAN.EXE [2007-04-16 577536]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"System Files Updater"=C:\WINDOWS2\FlyakiteOSX\Tools\System Files Updater.exe [2006-02-26 118485]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"KBDriver"=C:\Program Files\Keyboard Driver\OEMDriver.exe [2004-08-25 151552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RK Launcher"=C:\Program Files\RK Launcher\RKLauncher.exe [2005-10-19 393216]
"Alt+Q Hotkey Tool"=C:\WINDOWS2\Alt+Q Hotkey.exe [2005-12-18 27648]
"UberIcon"=C:\Program Files\UberIcon\UberIcon Manager.exe [2006-02-24 188416]
"Yz Shadow"=C:\Program Files\YzShadow\YzShadow.exe [2006-02-24 172032]
"ctfmon.exe"=C:\WINDOWS2\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-03-28 133368]
"ManyCam"=C:\Program Files\ManyCam 2.4\ManyCam.exe [2010-04-21 1824040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS2\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-05-12 12:52:49 ----HDC---- C:\WINDOWS2\$NtUninstallKB978542$
2010-05-11 14:11:54 ----D---- C:\Program Files\Norton Security Scan
2010-05-11 14:11:53 ----D---- C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Norton
2010-05-11 14:11:52 ----D---- C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Symantec
2010-05-11 14:11:20 ----D---- C:\Program Files\NortonInstaller
2010-05-11 14:11:20 ----D---- C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\NortonInstaller
2010-05-11 13:54:37 ----A---- C:\WINDOWS2\amcap.exe
2010-05-11 13:54:27 ----A---- C:\WINDOWS2\CameraFixer.exe
2010-05-11 13:54:26 ----A---- C:\WINDOWS2\vsnpstd.exe
2010-05-11 13:54:26 ----A---- C:\WINDOWS2\snpstd.ini
2010-05-11 13:54:13 ----A---- C:\WINDOWS2\system32\rsnpstd.dll
2010-05-11 13:54:13 ----A---- C:\WINDOWS2\system32\csnpstd.dll
2010-05-11 13:54:12 ----A---- C:\WINDOWS2\system32\vsnpstd.dll
2010-05-11 13:54:11 ----A---- C:\WINDOWS2\usnpstd.exe
2010-05-11 13:54:10 ----D---- C:\Program Files\Common Files\snpstd
2010-05-11 13:42:27 ----A---- C:\WINDOWS2\system32\vfwwdm32.dll
2010-05-11 13:41:56 ----D---- C:\Documents and Settings\kk\Data aplikací\ManyCam
2010-05-07 16:48:13 ----D---- C:\WINDOWS2\Minidump
2010-04-27 16:44:59 ----D---- C:\WINDOWS2\Sun
2010-04-27 16:42:55 ----A---- C:\WINDOWS2\PhotoSnapViewer.INI
2010-04-27 15:18:17 ----D---- C:\Documents and Settings\kk\Data aplikací\Ableton
2010-04-27 15:18:16 ----A---- C:\WINDOWS2\system32\ReWire.dll
2010-04-27 15:18:15 ----A---- C:\WINDOWS2\system32\msvcr71.dll
2010-04-27 15:18:15 ----A---- C:\WINDOWS2\system32\msvcp71.dll
2010-04-27 15:18:15 ----A---- C:\WINDOWS2\system32\mfc71.dll
2010-04-27 15:16:07 ----D---- C:\Program Files\Ableton
2010-04-27 15:15:27 ----A---- C:\WINDOWS2\system32\gdiplus.dll
2010-04-27 11:12:58 ----D---- C:\Program Files\Conduit
2010-04-27 11:12:50 ----D---- C:\Program Files\PHPNukeEN
2010-04-27 11:12:03 ----D---- C:\Program Files\DsNET Corp

======List of files/folders modified in the last 1 months======

2010-05-20 16:29:39 ----D---- C:\Program Files\trend micro
2010-05-20 16:29:36 ----D---- C:\WINDOWS2\Prefetch
2010-05-20 16:27:41 ----D---- C:\Documents and Settings\kk\Data aplikací\Skype
2010-05-20 16:25:15 ----D---- C:\WINDOWS2\temp
2010-05-20 16:08:23 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-05-20 15:49:21 ----D---- C:\WINDOWS2
2010-05-20 14:13:01 ----SD---- C:\WINDOWS2\Tasks
2010-05-20 14:09:08 ----D---- C:\Documents and Settings\kk\Data aplikací\ICQ
2010-05-20 14:08:44 ----D---- C:\WINDOWS2\system32\CatRoot2
2010-05-20 14:07:18 ----HD---- C:\WINDOWS2\FlyakiteOSX
2010-05-19 16:53:35 ----D---- C:\Documents and Settings\kk\Data aplikací\skypePM
2010-05-19 14:11:28 ----HD---- C:\WINDOWS2\inf
2010-05-17 18:37:54 ----N---- C:\WINDOWS2\SchedLgU.Txt
2010-05-13 10:32:52 ----D---- C:\WINDOWS2\Debug
2010-05-12 13:19:57 ----D---- C:\WINDOWS2\system32
2010-05-12 13:19:57 ----D---- C:\Program Files\Outlook Express
2010-05-12 12:53:19 ----RSHDC---- C:\WINDOWS2\system32\dllcache
2010-05-12 11:58:34 ----HD---- C:\WINDOWS2\$hf_mig$
2010-05-11 14:11:55 ----D---- C:\WINDOWS2\system32\drivers
2010-05-11 14:11:54 ----RD---- C:\Program Files
2010-05-11 13:54:25 ----D---- C:\WINDOWS2\twain_32
2010-05-11 13:54:10 ----D---- C:\Program Files\Common Files
2010-05-11 13:53:59 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-08 21:47:54 ----A---- C:\WINDOWS2\NeroDigital.ini
2010-05-06 10:36:38 ----N---- C:\WINDOWS2\system32\MpSigStub.exe
2010-04-30 20:51:06 ----A---- C:\WINDOWS2\system32\MRT.exe
2010-04-25 20:57:51 ----D---- C:\Documents and Settings\kk\Data aplikací\Ahead

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS2\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS2\system32\DRIVERS\MpFilter.sys [2009-12-02 149040]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS2\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS2\system32\DRIVERS\ltmdmnt.sys [2004-08-17 606556]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS2\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
R3 nv;nv; C:\WINDOWS2\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS2\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS2\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS2\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS2\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS2\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS2\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS2\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS2\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS2\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS2\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz;cpuz; \??\C:\Program Files\Tiger System Preferences v2\Skins\gif\cpuz.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS2\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS2\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS2\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS2\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS2\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS2\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS2\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS2\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS2\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS2\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS2\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS2\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-20 153376]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-12-09 17904]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS2\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------



thank you :)

#2 Post by Caroprd111 »

Hello :)

I recommend uninstalling the toolbars (if you don't use them) in Add or Remove Programs.

Download OTL http://oldtimer.geekstogo.com/OTL.exe to the desktop.
  • Run it, then paste the following script into the bottom box.

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
  • Check the "For all users" option.
  • Check the options Check for "LOP" malware and Check for "Purity" malware.
  • Click the Scan button.
  • When it finishes, paste the OTL.Txt and Extras.txt logs here.

#3 Post by pepaa »

Yeah, thanks, so I pasted in the script, now I clicked Scan, I checked everything, and now I just wait, right? Or was I supposed to click Clean up after I pasted in the script? Thanks for the answer :)

#4 Post by pepaa »

Extras...

OTL Extras logfile created on: 21.5.2010 12:23:31 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\kk\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 200,00 Mb Available Physical Memory | 39,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS2 | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 10,37 Gb Free Space | 13,92% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 510,62 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOSE-1606211D6E
Current User Name: kk
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1409082233-1284227242-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = USB PC Camera (SN9C102)
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}" = Microsoft Antimalware Service CS-CZ Language Pack
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}" = QuickTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.2 - Czech
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524}" = Apple Application Support
"{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F09CFF49-CF9F-11D8-86F6-0050BF6C9337}" = Multimedia Keyboard Driver 1.0
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Ableton Live_is1" = Ableton Live v6.0.7
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"aTube Catcher" = aTube Catcher
"CCleaner" = CCleaner
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"FlyakiteOSX" = FlyakiteOSX
"Hidden and Dangerous Deluxe" = Hidden and Dangerous Deluxe
"HijackThis" = HijackThis 2.0.2
"iColorFolder" = iColorFolder
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"ManyCam" = ManyCam 2.4 (remove only)
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NSS" = Norton Security Scan
"PHPNukeEN Toolbar" = PHPNukeEN Toolbar
"Tiger System Preferences v2" = Tiger System Preferences v2
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1409082233-1284227242-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Application Detect

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.4.2010 3:58:41 | Computer Name = JOSE-1606211D6E | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
nemp4splitter.ax, verze 4.9.4.1, adresa chyby 0x0002a65b.

Error - 27.4.2010 4:01:09 | Computer Name = JOSE-1606211D6E | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
nemp4splitter.ax, verze 4.9.4.1, adresa chyby 0x0002a65b.

Error - 27.4.2010 5:17:39 | Computer Name = JOSE-1606211D6E | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
nemp4splitter.ax, verze 4.9.4.1, adresa chyby 0x0002a65b.

Error - 27.4.2010 5:19:28 | Computer Name = JOSE-1606211D6E | Source = Application Error | ID = 1000
Description = Chybující aplikace drwtsn32.exe, verze 5.1.2600.0, chybující modul
dbghelp.dll, verze 5.1.2600.5512, adresa chyby 0x0001295d.

Error - 27.4.2010 5:23:31 | Computer Name = JOSE-1606211D6E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 27.4.2010 5:28:53 | Computer Name = JOSE-1606211D6E | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
nemp4splitter.ax, verze 4.9.4.1, adresa chyby 0x0002a65b.

Error - 10.5.2010 10:27:09 | Computer Name = JOSE-1606211D6E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 20.5.2010 19:15:28 | Computer Name = JOSE-1606211D6E | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom1 má chybný blok.

Error - 20.5.2010 19:15:29 | Computer Name = JOSE-1606211D6E | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom1 má chybný blok.

Error - 20.5.2010 19:15:31 | Computer Name = JOSE-1606211D6E | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom1 má chybný blok.

Error - 20.5.2010 19:15:31 | Computer Name = JOSE-1606211D6E | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom1 má chybný blok.

Error - 20.5.2010 19:15:32 | Computer Name = JOSE-1606211D6E | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom1 má chybný blok.

Error - 20.5.2010 19:15:33 | Computer Name = JOSE-1606211D6E | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom1 má chybný blok.

Error - 20.5.2010 19:15:34 | Computer Name = JOSE-1606211D6E | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom1 má chybný blok.

Error - 20.5.2010 19:15:35 | Computer Name = JOSE-1606211D6E | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom1 má chybný blok.

Error - 20.5.2010 19:15:38 | Computer Name = JOSE-1606211D6E | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom1 má chybný blok.

Error - 20.5.2010 19:15:39 | Computer Name = JOSE-1606211D6E | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom1 má chybný blok.


< End of report >

pepaa
Visitor
Posts: 98
Registered: 01 May 2007 18:51

Re: Problem with a virus

#5 Post by pepaa »

Part 1, the whole thing won't fit ..

OTL logfile created on: 21.5.2010 12:23:31 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\kk\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 200,00 Mb Available Physical Memory | 39,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS2 | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 10,37 Gb Free Space | 13,92% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 510,62 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOSE-1606211D6E
Current User Name: kk
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.21 12:21:46 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kk\Dokumenty\Stažené soubory\OTL.exe
PRC - [2010.04.21 10:26:00 | 001,824,040 | ---- | M] (ManyCam LLC) -- C:\Program Files\ManyCam 2.4\ManyCam.exe
PRC - [2010.04.01 19:59:58 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.03.28 14:39:17 | 000,133,368 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.0\ICQ.exe
PRC - [2010.02.21 06:03:12 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010.01.03 18:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.12.09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009.12.09 19:02:36 | 000,202,776 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
PRC - [2008.04.14 05:22:22 | 001,366,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS2\explorer.exe
PRC - [2007.04.16 16:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS2\soundman.exe
PRC - [2007.03.12 13:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.03.12 13:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006.02.24 04:51:00 | 000,172,032 | ---- | M] (Y'z@Home) -- C:\Program Files\YzShadow\YzShadow.exe
PRC - [2006.02.24 02:32:22 | 000,188,416 | ---- | M] () -- C:\Program Files\UberIcon\UberIcon Manager.exe
PRC - [2005.12.18 21:14:24 | 000,027,648 | ---- | M] () -- C:\WINDOWS2\Alt+Q Hotkey.exe
PRC - [2005.10.19 09:40:30 | 000,393,216 | ---- | M] (RaduKing) -- C:\Program Files\RK Launcher\RKLauncher.exe
PRC - [2004.08.25 22:27:22 | 000,151,552 | ---- | M] () -- C:\Program Files\Keyboard Driver\OEMDriver.exe


========== Modules (SafeList) ==========

MOD - [2010.05.21 12:21:46 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kk\Dokumenty\Stažené soubory\OTL.exe
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS2\system32\msscript.ocx
MOD - [2005.10.19 08:58:08 | 000,053,248 | ---- | M] (RaduKing) -- C:\Program Files\RK Launcher\RKLauncher.dll
MOD - [2005.08.14 09:26:14 | 000,065,536 | ---- | M] () -- C:\Program Files\UberIcon\UberIcon.dll
MOD - [2002.10.01 04:08:58 | 000,053,248 | ---- | M] () -- C:\Program Files\YzShadow\YzShadow.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.01.03 18:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.12.09 19:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2006.03.02 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)


========== Driver Services (SafeList) ==========

DRV - [2009.12.02 16:23:40 | 000,149,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS2\system32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2008.01.14 12:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\WINDOWS2\system32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007.04.25 17:20:48 | 004,030,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS2\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004.08.17 17:45:18 | 000,606,556 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS2\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS2\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.08.04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS2\system32\drivers\nv4_mini.sys -- (nv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS2\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)


IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS2\system32\blank.htm
IE - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2086743
IE - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\..\URLSearchHook: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/sli ... ie7&query="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.1
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: {b3f91530-1905-11de-8c30-0800200c9a66}:0.9
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... e=en_EU&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.09 14:23:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.20 11:01:22 | 000,000,000 | ---D | M]

[2010.03.14 19:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Extensions
[2010.05.20 13:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\extensions
[2010.03.16 15:22:26 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010.04.04 17:40:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\extensions\{113c2360-15a3-11de-8c30-0800200c9a66}
[2010.03.14 23:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.04.04 17:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\extensions\{b3f91530-1905-11de-8c30-0800200c9a66}
[2010.04.20 16:07:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.04.20 16:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\extensions\staged-xpis
[2010.04.10 17:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\extensions\toolbar@ask.com
[2010.04.10 17:27:37 | 000,002,253 | ---- | M] () -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\searchplugins\askcom.xml
[2010.05.17 20:41:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\searchplugins\icqplugin-1.xml
[2010.04.04 17:45:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\searchplugins\icqplugin-2.xml
[2010.03.29 17:26:54 | 000,000,947 | ---- | M] () -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\searchplugins\icqplugin.xml
[2010.03.16 15:30:13 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\kk\Data aplikací\Mozilla\Firefox\Profiles\q58cu5d6.default\searchplugins\winamp-search.xml
[2010.05.20 13:22:19 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.05.03 19:14:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.16 16:42:22 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.04.20 11:01:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009.10.05 18:34:50 | 000,118,000 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\qippipe.dll
[2010.04.20 10:59:54 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2004.08.18 14:00:00 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npdrmv2.dll
[2005.11.29 16:27:06 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\Mozilla Firefox\plugins\npdsplay.dll
[2008.11.04 10:41:26 | 000,026,112 | ---- | M] (Worldweaver Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\npDXStudioPlugin.dll
[2009.12.21 07:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2004.08.18 14:00:00 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npwmsdrm.dll
[2010.04.01 18:51:34 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.01 18:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.01 18:51:34 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.01 18:51:34 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.01 18:51:34 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.03.21 19:50:33 | 000,000,027 | ---- | M]) - C:\WINDOWS2\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (PHPNukeEN Toolbar) - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (PHPNukeEN Toolbar) - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\..\Toolbar\WebBrowser: (PHPNukeEN Toolbar) - {DD02A4EB-4AFD-4D60-99D8-E67F964CA813} - C:\Program Files\PHPNukeEN\tbPHPN.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS2\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [KBDriver] C:\Program Files\Keyboard Driver\OEMDriver.exe ()
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS2\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [System Files Updater] C:\WINDOWS2\FlyakiteOSX\Tools\System Files Updater.exe ()
O4 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004..\Run: [Alt+Q Hotkey Tool] C:\WINDOWS2\Alt+Q Hotkey.exe ()
O4 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004..\Run: [ICQ] C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004..\Run: [ManyCam] C:\Program Files\ManyCam 2.4\ManyCam.exe (ManyCam LLC)
O4 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004..\Run: [RK Launcher] C:\Program Files\RK Launcher\RKLauncher.exe (RaduKing)
O4 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004..\Run: [UberIcon] C:\Program Files\UberIcon\UberIcon Manager.exe ()
O4 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004..\Run: [Yz Shadow] C:\Program Files\YzShadow\YzShadow.exe (Y'z@Home)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk.disabled ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Místní vyhledávání.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1409082233-1284227242-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 8599432406 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.30.64.53 217.30.64.54
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS2\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\kk\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\kk\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.06.29 10:36:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001.11.11 08:07:18 | 000,000,112 | ---- | M] () - C:\Autoplay.ply -- [ NTFS ]
O32 - AutoRun File - [2002.02.26 23:22:06 | 001,597,440 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2002.01.24 14:21:02 | 000,000,049 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS2\system32\ias [2010.03.14 18:25:32 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS2\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)

Drivers32: msacm.iac2 - C:\WINDOWS2\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS2\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS2\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS2\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS2\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS2\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS2\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS2\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS2\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS2\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027075282206720)

========== Files/Folders - Created Within 30 Days ==========

[2010.05.21 11:49:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\kk\Recent
[2010.05.12 16:03:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kk\Plocha\Nová složka (2)
[2010.05.11 14:11:55 | 000,000,000 | ---D | C] -- C:\WINDOWS2\System32\drivers\NSS
[2010.05.11 14:11:55 | 000,000,000 | ---D | C] -- C:\WINDOWS2\System32\drivers\NSS\0207030.022
[2010.05.11 14:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan
[2010.05.11 14:11:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Norton
[2010.05.11 14:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\Symantec
[2010.05.11 14:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010.05.11 14:11:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS2\Data aplikací\NortonInstaller
[2010.05.11 13:54:37 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\amcap.exe
[2010.05.11 13:54:13 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS2\System32\rsnpstd.dll
[2010.05.11 13:54:13 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS2\System32\csnpstd.dll
[2010.05.11 13:54:12 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS2\System32\vsnpstd.dll
[2010.05.11 13:54:12 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS2\System32\dsnpstd.ax
[2010.05.11 13:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\snpstd
[2010.05.11 13:44:27 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\dllcache\mstee.sys
[2010.05.11 13:44:16 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\dllcache\ndisip.sys
[2010.05.11 13:44:08 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\dllcache\streamip.sys
[2010.05.11 13:44:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\ipsink.ax
[2010.05.11 13:44:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\dllcache\ipsink.ax
[2010.05.11 13:43:58 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\dllcache\slip.sys
[2010.05.11 13:43:36 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\dllcache\wstcodec.sys
[2010.05.11 13:43:18 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\dllcache\nabtsfec.sys
[2010.05.11 13:42:54 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\dllcache\ccdecode.sys
[2010.05.11 13:42:27 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\vfwwdm32.dll
[2010.05.11 13:42:27 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\dllcache\vfwwdm32.dll
[2010.05.11 13:42:23 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\kswdmcap.ax
[2010.05.11 13:42:23 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\dllcache\kswdmcap.ax
[2010.05.11 13:42:23 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\ksxbar.ax
[2010.05.11 13:42:23 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\dllcache\ksxbar.ax
[2010.05.11 13:42:21 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\kstvtune.ax
[2010.05.11 13:42:21 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\dllcache\kstvtune.ax
[2010.05.11 13:41:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kk\Data aplikací\ManyCam
[2010.05.10 13:06:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kk\Plocha\medialink
[2010.05.07 16:48:13 | 000,000,000 | ---D | C] -- C:\WINDOWS2\Minidump
[2010.04.27 16:44:59 | 000,000,000 | ---D | C] -- C:\WINDOWS2\Sun
[2010.04.27 16:42:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kk\Plocha\Nová složka
[2010.04.27 15:26:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kk\Dokumenty\Ableton
[2010.04.27 15:18:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kk\Data aplikací\Ableton
[2010.04.27 15:18:16 | 000,368,640 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS2\System32\ReWire.dll
[2010.04.27 15:18:15 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\mfc71.dll
[2010.04.27 15:18:15 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\msvcp71.dll
[2010.04.27 15:18:15 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\msvcr71.dll
[2010.04.27 15:16:07 | 000,000,000 | ---D | C] -- C:\Program Files\Ableton
[2010.04.27 15:15:27 | 001,777,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS2\System32\gdiplus.dll
[2010.04.27 11:12:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kk\Local Settings\Data aplikací\Conduit
[2010.04.27 11:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.04.27 11:12:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kk\Local Settings\Data aplikací\PHPNukeEN
[2010.04.27 11:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\PHPNukeEN
[2010.04.27 11:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\DsNET Corp
[2010.04.24 16:31:17 | 002,275,057 | ---- | C] (InstallShield Software Corporation) -- C:\Documents and Settings\kk\Plocha\setup.exe
[6 C:\WINDOWS2\*.tmp files -> C:\WINDOWS2\*.tmp -> ]
[1 C:\WINDOWS2\System32\*.tmp files -> C:\WINDOWS2\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.21 12:01:05 | 000,000,228 | ---- | M] () -- C:\WINDOWS2\tasks\Scheduled Update for Ask Toolbar.job
[2010.05.21 11:53:02 | 000,000,408 | -H-- | M] () -- C:\WINDOWS2\tasks\MP Scheduled Scan.job
[2010.05.21 11:47:06 | 000,000,006 | -H-- | M] () -- C:\WINDOWS2\tasks\SA.DAT
[2010.05.21 11:47:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS2\bootstat.dat
[2010.05.21 11:47:01 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.21 01:13:15 | 000,000,069 | ---- | M] () -- C:\WINDOWS2\NeroDigital.ini
[2010.05.20 21:23:41 | 001,578,060 | -H-- | M] () -- C:\Documents and Settings\kk\Local Settings\Data aplikací\IconCache.db
[2010.05.20 16:24:07 | 000,000,468 | -H-- | M] () -- C:\WINDOWS2\tasks\Norton Security Scan for kk.job
[2010.05.20 15:27:53 | 000,002,285 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS2\Plocha\Skype.lnk
[2010.05.20 13:05:43 | 000,013,646 | ---- | M] () -- C:\WINDOWS2\System32\wpa.dbl
[2010.05.17 18:38:02 | 003,407,872 | -H-- | M] () -- C:\Documents and Settings\kk\NTUSER.DAT
[2010.05.17 18:37:31 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\kk\ntuser.ini
[2010.05.14 11:32:18 | 000,010,867 | ---- | M] () -- C:\Documents and Settings\kk\Plocha\motiv.jpg
[2010.05.13 16:26:13 | 012,322,759 | ---- | M] () -- C:\Documents and Settings\kk\Plocha\Christina_Aguilera_-_Not_Myself_Tonight_(Jody_den_Broeder_Explicit_Club_Mix).mp3.part
[2010.05.12 19:57:31 | 000,066,821 | ---- | M] () -- C:\Documents and Settings\kk\Plocha\baju.jpg
[2010.05.12 16:11:52 | 016,094,564 | ---- | M] () -- C:\Documents and Settings\kk\Plocha\Kaskade, Tiesto & Haley - Only You (Kaskade Remix) .mp3
[2010.05.12 16:01:56 | 011,227,114 | ---- | M] () -- C:\Documents and Settings\kk\Plocha\Red Hot Chili Peppers - Otherside (Funkerman Remix).mp3
[2010.05.12 15:58:47 | 014,736,195 | ---- | M] () -- C:\Documents and Settings\kk\Plocha\Stereo Palma _ Andale (Hard Rock Sofa Mix) www.disco-pogo.blogspot.com.mp3
[2010.05.12 15:19:37 | 015,078,921 | ---- | M] () -- C:\Documents and Settings\kk\Plocha\Hi-Tack - It's Gonna Be Allright (Addy Van Der Zwan Remix).mp3
[2010.05.12 15:06:29 | 015,481,787 | ---- | M] () -- C:\Documents and Settings\kk\Plocha\Eric Prydz vs Chaka Khan - Ain't No Pjanoo (Hrelja Bootleg).mp3
[2010.05.11 15:21:23 | 000,090,885 | ---- | M] () -- C:\Documents and Settings\kk\Plocha\dj.jpg
[2010.05.11 14:12:30 | 000,000,979 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS2\Plocha\Norton Security Scan.lnk
[2010.05.11 14:11:55 | 000,000,172 | ---- | M] () -- C:\WINDOWS2\System32\drivers\

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Virus problem

#6 Post by Caroprd111 »

The log is not complete.