Druhé PC pro Motji

[csw*]

Stáhněte Avenger
http://swandog46.geekstogo.com/avenger.exe

-spustíte program a potvrdíte kliknutím na ok,tím potvrzujete, že všechny činnosti s tím spojené činíte na vlastní riziko.
-Po odkliknutí se objeví hlavní okno programu,do bílého okna něj zkopírujte tento skript:

Kód: Vybrat vše

Files to delete:
c:\documents and settings\magdalena\Nabídka Start\Programy\Po spuštění\algeki32.exe 

-zaškrtněte políčko scan for rootkits

a klikněte na tlačítko Execute.
-Potom se objeví okno,kde kliknutím Yes potvrdíte spuštění skriptu. Pak znovu tlačítkem yes potvrdíte restart počítače.
-Po restartu by se měl otevřít poznámkový blok s logem o vykonání skriptu, bude také uložený v C:\avenger.txt.
-Log vložte sem



Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.


Otestujte na http://www.virustotal.com
c:\windows\system32\user32.DLL
c:\windows\system32\DRIVERS\Eqnmirdd.sys
C:\WINDOWS\System32\drivers\ndis.sys


Složky smažte
C:\Documents and Settings\magdalena\online_{49c3c335-6a58-41c8-8034-3855ee78b887}
C:\Documents and Settings\magdalena\{49c3c335-6a58-41c8-8034-3855ee78b887}

Soubory C:\Documents and Settings\magdalena\online_{49c3c335-6a58-41c8-8034-3855ee78b887}
C:\Documents and Settings\magdalena\{49c3c335-6a58-41c8-8034-3855ee78b887}[/quote] jsem smazal.

Logy 3 souborů jsou uvedeny výše. Vše negativní, což je pozitivní...

[motji]

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

KillAll::

Rootkit::
c:\windows\system32\drivers\zxiwwbpdk7.sys
c:\documents and settings\magdalena\Nabídka Start\Programy\Po spuštění\algeki32.exe

Driver::
zxiwwbpdk7

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

[csw*]

ComboFix 10-05-16.01 - magdalena 22.05.2010 19:39:56.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.446.72 [GMT 2:00]
Spuštěný z: c:\documents and settings\magdalena\Plocha\cokoliv.com.exe
Použité ovládací přepínače :: c:\documents and settings\magdalena\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ZXIWWBPDK7
-------\Service_zxiwwbpdk7


((((((((((((((((((((((((( Soubory vytvořené od 2010-04-22 do 2010-05-22 )))))))))))))))))))))))))))))))
.

2010-05-21 18:04 . 2010-05-21 18:04 61440 ----a-w- c:\windows\system32\drivers\vbrnlxe.sys
2010-05-21 16:54 . 2010-05-21 16:54 61440 ----a-w- c:\windows\system32\drivers\uhswxeiz.sys
2010-05-21 08:57 . 2010-05-21 09:03 -------- d-----w- C:\cokoliv.com18038c
2010-05-20 21:57 . 2010-05-20 21:57 -------- d--h--w- c:\windows\PIF
2010-05-20 20:25 . 2008-04-14 06:52 39424 -c--a-w- c:\windows\system32\dllcache\grpconv.exe
2010-05-20 20:25 . 2008-04-14 06:52 39424 ----a-w- c:\windows\system32\grpconv.exe
2010-05-20 19:17 . 2010-05-20 22:03 -------- d-----w- C:\cokoliv.com
2010-05-18 22:34 . 2010-05-18 22:51 -------- d-----w- C:\UsbFix
2010-05-18 19:47 . 2010-05-18 19:47 -------- d-----w- c:\program files\trend micro
2010-05-18 19:47 . 2010-05-18 19:47 -------- d-----w- C:\rsit
2010-05-18 17:35 . 2010-05-21 14:41 -------- d-----w- c:\program files\SpeedFan
2010-05-18 16:23 . 2010-05-18 16:25 -------- d-----w- c:\program files\CCleaner
2010-05-18 16:09 . 2008-04-13 22:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-05-18 16:09 . 2008-04-13 22:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-05-18 16:08 . 2008-04-13 22:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-05-18 16:08 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-05-18 16:08 . 2010-05-18 16:08 -------- d-----w- c:\program files\Common Files\CANON
2010-05-18 16:05 . 2007-05-21 20:00 69632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP94.DLL
2010-05-18 16:05 . 2007-05-21 20:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD94.DLL
2010-05-18 16:05 . 2007-05-21 20:00 215040 ----a-w- c:\windows\system32\CNMLM94.DLL
2010-05-18 16:05 . 2010-05-18 16:05 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2010-05-18 16:05 . 2007-03-23 07:29 98304 ----a-w- c:\windows\system32\CNC520I.DLL
2010-05-18 16:05 . 2007-03-19 01:23 200704 ----a-w- c:\windows\system32\CNC520L.DLL
2010-05-18 16:05 . 2007-03-15 05:12 188416 ----a-w- c:\windows\system32\CNC520O.DLL
2010-05-18 16:05 . 2007-03-23 07:30 1400832 ----a-w- c:\windows\system32\CNC520C.DLL
2010-05-18 16:05 . 2010-05-18 16:05 -------- d--h--w- c:\program files\CanonBJ

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-21 18:04 . 2010-05-21 18:04 206 ----a-w- c:\program files\mcbtjb.txt
2010-05-21 15:43 . 2008-04-14 12:00 578560 ----a-w- c:\windows\system32\user32.dll
2010-05-18 16:10 . 2009-04-02 13:55 -------- d-----w- c:\program files\Canon
2010-05-13 08:08 . 2008-04-14 12:00 432516 ----a-w- c:\windows\system32\perfh005.dat
2010-05-13 08:08 . 2008-04-14 12:00 79440 ----a-w- c:\windows\system32\perfc005.dat
2010-05-04 06:59 . 2009-03-05 12:27 -------- d-----w- c:\program files\Kooperativa
2010-04-14 19:06 . 2009-03-05 12:37 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2010-04-14 19:05 . 2009-03-05 12:37 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-04-14 19:05 . 2009-03-05 12:37 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-11 12:36 . 2008-04-14 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:36 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:36 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-03-09 11:11 . 2008-04-14 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-24 13:11 . 2008-04-14 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"= 0 (0x0)
"enableinstallerdetection"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-04-14 19:06 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 TivoliAP

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 15:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2007-04-03 16:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2007-05-14 16:01 644696 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
2004-01-14 01:10 409600 ----a-w- c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2005-05-17 10:48 77824 ----a-w- c:\windows\SOUNDMAN.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Tivoli\\lcf\\bin\\w32-ix86\\mrt\\lcfd.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Kooperativa\\KalkZiv\\Kalk_ziv.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5.3.2009 14:37 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5.3.2009 14:37 108552]
R1 TGrab;Tivoli Remote Control Text Grabber;c:\windows\system32\drivers\TGRAB.SYS [22.4.2009 14:55 8288]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [5.3.2009 14:37 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [5.3.2009 14:37 297752]
R2 CITMDRV;CITMDRV;c:\windows\system32\drivers\CITMDRV.SYS [24.3.2009 12:48 10752]
R2 InvokerUpdateService;InvokerUpdateService;c:\ais\Tahiti4\bin\InvokerService.exe [5.3.2009 14:42 176128]
R2 KoopPdfService;KoopPdfService;c:\program files\Kooperativa\Services\KoopPDFServer.exe [6.4.2010 15:39 447488]
R2 lcfd;Tivoli Endpoint;c:\tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe [5.3.2009 15:45 172032]
R2 TME10RC;Tivoli Remote Control Service;c:\windows\RCSERV.EXE [22.4.2009 14:55 77824]
R3 Eqnmirdd;Eqnmirdd;c:\windows\system32\drivers\Eqnmirdd.sys [22.4.2009 14:55 6107]
R3 KeyEx2;Tivoli Remote Control Keyboard Filter;c:\windows\system32\drivers\KEYEX2.SYS [22.4.2009 14:55 5837]
R3 MouEx2;Tivoli Remote Control Pointer Filter;c:\windows\system32\drivers\MOUEX2.SYS [22.4.2009 14:55 4638]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 14:00 14336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
FF - ProfilePath - c:\documents and settings\magdalena\Data aplikací\Mozilla\Firefox\Profiles\pwgf7qja.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-22 20:16
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(896)
c:\windows\system32\TivoliAP.dll

- - - - - - - > 'explorer.exe'(3932)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\wltrysvc.exe
c:\windows\System32\bcmwltry.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
.
**************************************************************************
.
Celkový čas: 2010-05-22 20:21:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-05-22 18:21
ComboFix2.txt 2010-05-21 16:08
ComboFix3.txt 2010-05-20 21:59

Před spuštěním: 2 389 716 992
Po spuštění: 2 352 738 304

- - End Of File - - 53C960561867F204438EABD7B0B48C16

[csw*]

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4131

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

22.5.2010 20:47:29
mbam-log-2010-05-22 (20-47-29).txt

Typ skenu: Rychlý sken
Skenované objekty: 127338
Uplynulý čas: 13 minuta(y), 44 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 1
Infikované soubory: 4

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\AKM Antivirus 2010 Pro (Rogue.AKMAntivirus) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
C:\Documents and Settings\magdalena\Nabídka Start\Programy\AKM Antivirus 2010 Pro (Rogue.AKMAntivirus) -> No action taken.

Infikované soubory:
C:\WINDOWS\system32\drivers\uhswxeiz.sys (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\vbrnlxe.sys (Rootkit.Agent) -> No action taken.
C:\Documents and Settings\magdalena\Nabídka Start\Programy\AKM Antivirus 2010 Pro\AKM Antivirus 2010 Pro.lnk (Rogue.AKMAntivirus) -> No action taken.
C:\Documents and Settings\magdalena\Data aplikací\avdrn.dat (Malware.Trace) -> No action taken.

[motji]

Co našel mbam, smažte a udělejte uplný sken mbamem.

Doporučuji Avg odinstalovat tímto http://www.avg.com/cz-cs/stahnout-nastroje a dát Avast nebo Aviru.


Smažte c:\program files\mcbtjb.txt

Jak to vypadá s počítačem?

[csw*]

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4131

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

22.5.2010 22:49:15
mbam-log-2010-05-22 (20-47-29).txt

Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 124695
Uplynulý čas: 1 hodina(y), 42 minuta(y), 2 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 40

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Program Files\Kooperativa\Hotely\Zalohovac.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\Kooperativa\Kolumbus2006\Zalohovac.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\Kooperativa\Malaga\Zalohovac.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\Kooperativa\ObsVerze\nastav\ObsUklid.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\Kooperativa\Ordinace\Zalohovac.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\Kooperativa\Oz7\Zalohovac.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\Kooperativa\StartPlus\Zalohovac.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\Kooperativa\Trend\Zalohovac.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\Kooperativa\Trend07\Zalohovac.exe (Trojan.Downloader) -> No action taken.
C:\Qoobox\Quarantine\C\Documents and Settings\magdalena\jpwrtryt.exe.vir (Trojan.Downloader) -> No action taken.
C:\Qoobox\Quarantine\C\Documents and Settings\magdalena\Nabídka Start\Programy\Po spuštění\algeki32.exe.vir (Trojan.Downloader) -> No action taken.
C:\Qoobox\Quarantine\C\Program Files\AKM Antivirus 2010 Pro\AKM Antivirus 2010 Pro.exe.vir (Rogue.WindowsPolicePro) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\cooper.mine.vir (Worm.Pinit) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\msxsltsso.dll.vir (Trojan.GootKit) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\regedit.exe.vir (Trojan.Agent) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\zxiwwbpdk7.sys.vir (Rootkit.Tent) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\wbem\grpconv.exe.vir (Trojan.Downloader) -> No action taken.
C:\System Volume Information\_restore{50E3E4C0-0192-4841-A6A5-DA4EF73D9988}\RP148\A0073275.dll (Trojan.GootKit) -> No action taken.
C:\System Volume Information\_restore{50E3E4C0-0192-4841-A6A5-DA4EF73D9988}\RP148\A0073324.exe (Trojan.Downloader) -> No action taken.
C:\System Volume Information\_restore{50E3E4C0-0192-4841-A6A5-DA4EF73D9988}\RP148\A0073332.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{50E3E4C0-0192-4841-A6A5-DA4EF73D9988}\RP148\A0073333.exe (Trojan.Downloader) -> No action taken.
C:\System Volume Information\_restore{50E3E4C0-0192-4841-A6A5-DA4EF73D9988}\RP148\A0073432.dll (Trojan.GootKit) -> No action taken.
C:\System Volume Information\_restore{50E3E4C0-0192-4841-A6A5-DA4EF73D9988}\RP154\A0074800.sys (Rootkit.Tent) -> No action taken.
C:\System Volume Information\_restore{50E3E4C0-0192-4841-A6A5-DA4EF73D9988}\RP154\A0074793.dll (Trojan.GootKit) -> No action taken.
C:\System Volume Information\_restore{50E3E4C0-0192-4841-A6A5-DA4EF73D9988}\RP154\A0074944.exe (Trojan.Downloader) -> No action taken.
C:\UsbFix\Quarantine\C\DOCUME~1\MAGDAL~1\LOCALS~1\Temp\071.exe.UsbFix (Trojan.Dropper) -> No action taken.
C:\UsbFix\Quarantine\C\DOCUME~1\MAGDAL~1\LOCALS~1\Temp\101.exe.UsbFix (Trojan.Downloader) -> No action taken.
C:\UsbFix\Quarantine\C\DOCUME~1\MAGDAL~1\LOCALS~1\Temp\445.exe.UsbFix (Trojan.Dropper) -> No action taken.
C:\UsbFix\Quarantine\C\DOCUME~1\MAGDAL~1\LOCALS~1\Temp\565.exe.UsbFix (Trojan.Dropper) -> No action taken.
C:\UsbFix\Quarantine\C\DOCUME~1\MAGDAL~1\LOCALS~1\Temp\590.exe.UsbFix (Trojan.Downloader) -> No action taken.
C:\UsbFix\Quarantine\C\DOCUME~1\MAGDAL~1\LOCALS~1\Temp\706.exe.UsbFix (Trojan.Dropper) -> No action taken.
C:\UsbFix\Quarantine\C\DOCUME~1\MAGDAL~1\LOCALS~1\Temp\7fr178ev.exe.UsbFix (Worm.Pinit) -> No action taken.
C:\UsbFix\Quarantine\C\DOCUME~1\MAGDAL~1\LOCALS~1\Temp\933.exe.UsbFix (Trojan.Dropper) -> No action taken.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe.UsbFix (Worm.Autorun.B) -> No action taken.
C:\UsbFix\Quarantine\C\RECYCLER\S-1-5-21-1981917028-6495068474-523282379-4824\mgrls32.exe.UsbFix (Worm.Autorun.B) -> No action taken.
D:\Program Files\Kooperativa\Kolumbus2006\Zalohovac.exe (Trojan.Downloader) -> No action taken.
D:\Program Files\Kooperativa\ObsVerze\Nastav\ObsUklid.exe (Trojan.Downloader) -> No action taken.
D:\Program Files\Kooperativa\Ordinace\Zalohovac.exe (Trojan.Downloader) -> No action taken.
D:\Program Files\Kooperativa\Trend\Zalohovac.exe (Trojan.Downloader) -> No action taken.
D:\Program Files\Kooperativa\Trend07\Zalohovac.exe (Trojan.Downloader) -> No action taken.

[motji]

Nic mazat nemusíte, uklidíme to T-cleanerem.


Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[csw*]

Logfile of random's system information tool 1.07 (written by random/random)
Run by magdalena at 2010-05-22 23:20:22
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (22%) free of 16 GB
Total RAM: 446 MB (10% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:20:46, on 22.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
c:\ais\Tahiti4\bin\InvokerService.exe
C:\Program Files\Kooperativa\Services\KoopPDFServer.exe
C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RCSERV.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\magdalena\Plocha\RSIT.exe
C:\Program Files\trend micro\magdalena.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://intra-ph.ph.koop.cz/intra/intran.phtml
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = zam.koop.int
O17 - HKLM\Software\..\Telephony: DomainName = zam.koop.int
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InvokerUpdateService - LightComp v.o.s. - c:\ais\Tahiti4\bin\InvokerService.exe
O23 - Service: KoopPdfService - Unknown owner - C:\Program Files\Kooperativa\Services\KoopPDFServer.exe
O23 - Service: Tivoli Endpoint (lcfd) - Unknown owner - C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe
O23 - Service: Tivoli Remote Control Service (TME10RC) - IBM Corporation - C:\WINDOWS\RCSERV.EXE
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 6963 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007-08-31 1312040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2009-05-10 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2010-04-19 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2009-05-10 491520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2005-05-17 77824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-04-14 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
TivoliAP

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"consentpromptbehavioradmin"=0
"enableinstallerdetection"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe"="C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe:*:Enabled:lcfd"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Kooperativa\KalkZiv\Kalk_ziv.exe"="C:\Program Files\Kooperativa\KalkZiv\Kalk_ziv.exe:*:Enabled:Kalk_ziv"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\ICQ6\ICQ.exe"="D:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe"="C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe:*:Enabled:lcfd"
"C:\Program Files\Kooperativa\KalkZiv\Kalk_ziv.exe"="C:\Program Files\Kooperativa\KalkZiv\Kalk_ziv.exe:*:Enabled:Kalk_ziv"
"C:\Tivoli\lcf\inv\SCAN\wepmcoll.exe"="C:\Tivoli\lcf\inv\SCAN\wepmcoll.exe:*:Disabled:wepmcoll"

======List of files/folders created in the last 1 months======

2010-05-22 23:20:22 ----D---- C:\rsit
2010-05-22 22:56:31 ----SHD---- C:\RECYCLER
2010-05-22 20:31:30 ----D---- C:\Documents and Settings\magdalena\Data aplikací\Malwarebytes
2010-05-22 20:31:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-05-22 20:31:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-22 20:21:18 ----D---- C:\WINDOWS\temp
2010-05-21 18:54:56 ----A---- C:\btefmm.txt
2010-05-21 17:32:32 ----A---- C:\Boot.bak
2010-05-21 17:32:22 ----RASHD---- C:\cmdcons
2010-05-21 10:57:14 ----D---- C:\cokoliv.com18038c
2010-05-20 23:57:00 ----HD---- C:\WINDOWS\PIF
2010-05-20 22:25:37 ----A---- C:\WINDOWS\system32\grpconv.exe
2010-05-20 21:17:41 ----D---- C:\cokoliv.com
2010-05-20 21:13:33 ----D---- C:\WINDOWS\ERDNT
2010-05-19 00:48:13 ----A---- C:\UsbFix.txt
2010-05-19 00:34:49 ----D---- C:\UsbFix
2010-05-18 21:47:40 ----D---- C:\Program Files\trend micro
2010-05-18 19:35:29 ----D---- C:\Program Files\SpeedFan
2010-05-18 18:46:36 ----D---- C:\WINDOWS\pss
2010-05-18 18:23:41 ----D---- C:\Program Files\CCleaner
2010-05-18 18:08:04 ----D---- C:\Program Files\Common Files\CANON
2010-05-18 18:06:10 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
2010-05-18 18:05:51 ----A---- C:\WINDOWS\system32\CNMLM94.DLL
2010-05-18 18:05:46 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2010-05-18 18:05:34 ----A---- C:\WINDOWS\system32\CNC520O.DLL
2010-05-18 18:05:34 ----A---- C:\WINDOWS\system32\CNC520L.DLL
2010-05-18 18:05:34 ----A---- C:\WINDOWS\system32\CNC520I.DLL
2010-05-18 18:05:33 ----A---- C:\WINDOWS\system32\CNC520C.DLL
2010-05-18 18:05:19 ----HD---- C:\Program Files\CanonBJ

======List of files/folders modified in the last 1 months======

2010-05-22 23:19:17 ----D---- C:\Program Files\Mozilla Firefox
2010-05-22 23:17:52 ----D---- C:\WINDOWS
2010-05-22 23:14:47 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-05-22 23:04:04 ----SHD---- C:\System Volume Information
2010-05-22 23:04:04 ----D---- C:\WINDOWS\system32\Restore
2010-05-22 22:56:32 ----RD---- C:\Program Files
2010-05-22 21:03:31 ----D---- C:\WINDOWS\system32\drivers
2010-05-22 20:20:34 ----D---- C:\WINDOWS\Prefetch
2010-05-22 20:19:20 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-22 20:17:00 ----A---- C:\WINDOWS\system.ini
2010-05-22 20:13:24 ----D---- C:\WINDOWS\system32\config
2010-05-22 19:55:25 ----D---- C:\WINDOWS\system32
2010-05-22 19:55:24 ----D---- C:\WINDOWS\AppPatch
2010-05-22 19:54:22 ----D---- C:\Program Files\Common Files
2010-05-21 17:44:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-21 17:43:47 ----A---- C:\WINDOWS\system32\user32.dll
2010-05-21 17:32:32 ----RASH---- C:\boot.ini
2010-05-21 17:18:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg8
2010-05-21 13:19:36 ----D---- C:\WINDOWS\Minidump
2010-05-21 10:32:48 ----SHD---- C:\WINDOWS\CSC
2010-05-20 22:22:02 ----D---- C:\WINDOWS\system32\wbem
2010-05-18 21:46:05 ----D---- C:\$AVG8.VAULT$
2010-05-18 18:48:06 ----A---- C:\WINDOWS\win.ini
2010-05-18 18:40:46 ----D---- C:\WINDOWS\Debug
2010-05-18 18:10:36 ----D---- C:\Program Files\Canon
2010-05-18 18:09:14 ----D---- C:\WINDOWS\Media
2010-05-18 18:08:56 ----HD---- C:\WINDOWS\inf
2010-05-18 18:05:45 ----D---- C:\WINDOWS\twain_32
2010-05-18 13:25:01 ----A---- C:\fftrlog.txt
2010-05-18 12:01:06 ----D---- C:\WINDOWS\security
2010-05-13 10:08:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-04 08:59:05 ----D---- C:\Program Files\Kooperativa

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-04-14 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-04-14 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-27 108552]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 TGrab;Tivoli Remote Control Text Grabber; C:\WINDOWS\system32\drivers\TGrab.sys [2009-04-22 8288]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-05 17801]
R2 CITMDRV;CITMDRV; \??\C:\WINDOWS\System32\drivers\CITMDRV.SYS []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-05-18 2319680]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2003-10-25 95970]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 BCM43XX;Broadcom 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-02-11 371712]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 Eqnmirdd;Eqnmirdd; C:\WINDOWS\system32\DRIVERS\Eqnmirdd.sys [2009-04-22 6107]
R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2005-03-18 42496]
R3 KeyEx2;Tivoli Remote Control Keyboard Filter; C:\WINDOWS\system32\drivers\KeyEx2.sys [2009-04-22 5837]
R3 MouEx2;Tivoli Remote Control Pointer Filter; C:\WINDOWS\system32\drivers\MouEx2.sys [2009-04-22 4638]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2005-04-07 923826]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-12-27 247040]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2010-04-14 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2010-04-19 297752]
R2 InvokerUpdateService;InvokerUpdateService; c:\ais\Tahiti4\bin\InvokerService.exe [2009-03-05 176128]
R2 KoopPdfService;KoopPdfService; C:\Program Files\Kooperativa\Services\KoopPDFServer.exe [2010-05-10 447488]
R2 lcfd;Tivoli Endpoint; C:\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe [2005-11-15 172032]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 TME10RC;Tivoli Remote Control Service; C:\WINDOWS\RCSERV.EXE [2009-04-22 77824]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\wltrysvc.exe [2005-02-17 65536]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[csw*]

info.txt logfile of random's system information tool 1.06 2010-05-22 23:20:49

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A91000000001}
Adresní modul UIR-ADR-->"C:\Program Files\Kooperativa\UIR-ADR\unins000.exe"
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Aktualizace systému Microsoft Windows (KB971513)-->"C:\WINDOWS\$NtUninstallKB971513$\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
ATF-->C:\WINDOWS\UIA200.exe "C:\Program Files\All Ten Fingers\DelList.lst"
AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Broadcom 802.11 Network Adapter-->C:\WINDOWS\system32\BCMWLU00.exe verbose
Canon iP90 Setup Utility-->"C:\Program Files\Canon\Canon iP90 Setup Utility\Maint.exe" /Uninstall C:\Program Files\Canon\Canon iP90 Setup Utility\uninst.ini
Canon iP90-->C:\WINDOWS\system32\CNMCP71.exe "-PRINTERNAMECanon iP90" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon iP90 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon iP90 Installer\Inst2\cnmi0405.dll"
Canon MP Navigator EX 1.0-->"C:\Program Files\Canon\MP Navigator EX 1.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 1.0\uninst.ini
Canon MP520 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series /L0x0005
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Digitalizace Koop 4.2.4.15-->"c:\ais\unins000.exe"
EASEUS Partition Manager Personal 1.6.4-->"C:\Program Files\EASEUS\EASEUS Partition Manager Personal 1.6.4\unins000.exe"
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
Fonty-->MsiExec.exe /I{3315057B-09E8-4410-B61C-CECEACFE4620}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ6-->C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe -runfromtemp -l0x0009 -removeonly
InterBase 6 Client Open Edition - 6.0.2.0-->C:\PROGRA~1\Borland\INTERB~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\Borland\INTERB~1\UNINST~1\INSTALL_INTERBASE_CLIENT.LOG
ISOS 3.2.4 (Určeno pro interní síť Kooperativy - XP/Vista)-->"C:\Program Files\Kooperativa\unins000.exe"
KOOP Sporice-->MsiExec.exe /I{7A012424-3D7D-4CC7-A5BC-8AD55747CFAD}
KOOP Sporice-->MsiExec.exe /I{C961382A-9AED-49FF-83FC-590EAF3D054E}
KOOP Tapety-->MsiExec.exe /I{EE8DEA52-C1AC-4319-B44C-0CA1D04B72DB}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Language Pack - CSY-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - CSY\install.exe
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Czech Language Pack-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Czech Language Pack\setup.exe
Microsoft .NET Framework 3.0 Czech Language Pack-->MsiExec.exe /X{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Motorola SM56 Data Fax Modem-->C:\WINDOWS\Motorola\SMSERIAL\sm56unst.exe
Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
ObsVerze v 3.01-->"C:\Program Files\Kooperativa\ObsVerze\unins000.exe"
Oprava Hotfix systému Windows XP (KB969084)-->"C:\WINDOWS\$NtUninstallKB969084$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
PC Translator-->C:\WINDOWS\UN32.EXE -UP
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x5 REMOVE -removeonly
Registrace uživatele zařízení Canon MP520 series-->C:\Program Files\Canon\IJEREG\MP520 series\UNINST.EXE
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF}
Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB980470)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {34573F17-DADE-4D0D-835F-A54A1DE8AC1F}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Skype™ 3.5-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB981715)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb981433)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5A6859A6-042D-4DF7-84E2-79F8DEFB5D48}
VIA Platforma Ovladače zařízení-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VIA/S3G Display Driver-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns
Windows Management Framework Core-->"C:\WINDOWS\$968930Uinstall_KB968930$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation Language Pack (CSY)-->MsiExec.exe /X{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}
Windows Workflow Foundation CS Language Pack-->MsiExec.exe /I{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}

======Security center information======

AV: AVG Anti-Virus Free

======System event log======

Computer Name: MCHVASTEKOVA-OB
Event Code: 15007
Message: Rezervace pro obor názvů identifikovaný prefixem adresy URL http://*:2869/ byla úspěšně přidána.

Record Number: 5
Source Name: HTTP
Time Written: 20090305122622.000000+060
Event Type: Informace
User:

Computer Name: MCHVASTEKOVA-OB
Event Code: 3260
Message: Tento počítač byl úspěšně připojen k workgroup SKUPINA.

Record Number: 4
Source Name: Workstation
Time Written: 20090305122210.000000+060
Event Type: Informace
User:

Computer Name: MCHVASTEKOVA-OB
Event Code: 6011
Message: Název tohoto počítače v systémech DNS a NetBIOS byl změněn z MACHINENAME na MCHVASTEKOVA-OB.

Record Number: 3
Source Name: EventLog
Time Written: 20090305122057.000000+060
Event Type: Informace
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Služba Event Log byla spuštěna.

Record Number: 2
Source Name: EventLog
Time Written: 20090305130843.000000+060
Event Type: Informace
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20090305130843.000000+060
Event Type: Informace
User:

=====Application event log=====

Computer Name: MCHVASTEKOVA-OB
Event Code: 1000
Message: Čítače výkonu pro službu MSDTC (MSDTC) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 5
Source Name: LoadPerf
Time Written: 20090305122323.000000+060
Event Type: Informace
User:

Computer Name: MCHVASTEKOVA-OB
Event Code: 1000
Message: Čítače výkonu pro službu TermService (Terminálová služba) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 4
Source Name: LoadPerf
Time Written: 20090305122317.000000+060
Event Type: Informace
User:

Computer Name: MCHVASTEKOVA-OB
Event Code: 1000
Message: Čítače výkonu pro službu RemoteAccess (Směrování a vzdálený přístup) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 3
Source Name: LoadPerf
Time Written: 20090305122201.000000+060
Event Type: Informace
User:

Computer Name: MCHVASTEKOVA-OB
Event Code: 1000
Message: Čítače výkonu pro službu PSched (PSched) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 2
Source Name: LoadPerf
Time Written: 20090305122115.000000+060
Event Type: Informace
User:

Computer Name: MCHVASTEKOVA-OB
Event Code: 1000
Message: Čítače výkonu pro službu RSVP (QoS RSVP) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 1
Source Name: LoadPerf
Time Written: 20090305122114.000000+060
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"LANGUAGE"=cs
"PSModulePath"=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

[motji]

Smažte
C:\btefmm.txt
C:\cokoliv.com18038c
C:\cokoliv.com
C:\UsbFix.txt
C:\UsbFix

Pokud nejsou problémy, je to vše