
PC virus removal, computer speed-up, and remote help through the neslape.cz service
Requesting a routine log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello. Please do a routine check of the log; the PC refuses to open some applications in the program. Thank you.
Logfile of random's system information tool 1.07 (written by random/random)
Run by uzivatel at 2010-06-08 12:34:55
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 68 GB (68%) free of 100 GB
Total RAM: 2037 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:34:58, on 8.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\365dníNET\365dniNET.exe
C:\Program Files\uTorrent\utorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
S:\Pracovní2\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
E:\instalace\wincmd\Wincmd32.exe
S:\Stažené\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: CHelper Class - {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [update_vs] "C:\Program Files\Vyčistit Soubory\UUpdate.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [365dni] C:\Program Files\365dníNET\365dniNET.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O9 - Extra 'Tools' menuitem: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 1: Aqua Real - 7db39a0d-580f-4be9-9195-8bfcd226f6c2
--
End of file - 10171 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-07-21 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99A7C4DD-B2E6-4CA0-BB6E-737A61364155}]
CHelper Class - C:\PROGRA~1\EUROTR~1\e2003i.dll [2009-07-25 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2009-07-20 1191424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2009-07-20 1191424]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-07-21 520192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-09-05 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-09-05 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-09-05 137752]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"snpstd3"=C:\WINDOWS\vsnpstd3.exe [2006-09-18 843776]
"update_vs"=C:\Program Files\Vyčistit Soubory\UUpdate.exe [2008-08-05 28672]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"365dni"=C:\Program Files\365dníNET\365dniNET.exe [2007-01-06 753664]
"uTorrent"=C:\Program Files\uTorrent\utorrent.exe [2010-05-18 322352]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-05-26 2346192]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-03-14 486856]
C:\Documents and Settings\uzivatel\Nabídka Start\Programy\Po spuštění
Rainlendar.lnk - C:\Program Files\Rainlendar\Rainlendar.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-24 208896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\MSI\MyGuard Live\MyGuard Live.exe"="C:\Program Files\MSI\MyGuard Live\MyGuard Live.exe:*:Enabled:MyGuard"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-06-08 12:34:56 ----D---- C:\Program Files\trend micro
2010-06-08 12:34:55 ----D---- C:\rsit
2010-06-08 09:55:01 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2010-06-01 11:26:10 ----D---- C:\Program Files\AntiKomár
2010-05-30 07:48:26 ----D---- C:\Program Files\Common Files\KnifeEdge
2010-05-30 06:11:35 ----A---- C:\WINDOWS\cyklopruvodce.INI
2010-05-30 06:06:44 ----D---- C:\Program Files\PLANstudio
2010-05-28 15:07:12 ----D---- C:\Garmin
2010-05-28 12:47:50 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Pathcz
2010-05-26 05:26:38 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-21 18:43:02 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Desktopicon
2010-05-21 18:42:23 ----D---- C:\Program Files\FreeTime
2010-05-21 18:24:14 ----D---- C:\AVOneExport
2010-05-18 06:41:38 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Dream Aquarium
2010-05-18 06:41:28 ----D---- C:\Program Files\Dream Aquarium
2010-05-12 08:29:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-05-11 11:23:26 ----A---- C:\WINDOWS\cdplayer.ini
2010-05-11 06:37:34 ----A---- C:\WINDOWS\system32\lame_enc.dll
2010-05-11 06:37:33 ----D---- C:\Program Files\AML Products
======List of files/folders modified in the last 1 months======
2010-06-08 12:34:56 ----RD---- C:\Program Files
2010-06-08 12:34:52 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\uTorrent
2010-06-08 12:34:46 ----A---- C:\WINDOWS\wincmd.ini
2010-06-08 12:31:27 ----D---- C:\WINDOWS\Prefetch
2010-06-08 12:23:53 ----D---- C:\WINDOWS\Temp
2010-06-08 12:22:23 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\365dni
2010-06-08 12:19:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-08 12:19:33 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Skype
2010-06-08 11:39:07 ----D---- C:\Program Files\GoQ - NetRadio
2010-06-08 10:53:11 ----D---- C:\WINDOWS\system32
2010-06-08 10:11:01 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\skypePM
2010-06-07 08:47:47 ----AD---- C:\Idos 2009-2010
2010-06-06 11:29:15 ----D---- C:\WINDOWS
2010-06-05 04:35:40 ----SHD---- C:\WINDOWS\Installer
2010-06-05 04:35:39 ----HD---- C:\Config.Msi
2010-06-04 05:35:57 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-02 14:45:54 ----D---- C:\Program Files\Mozilla Firefox
2010-06-01 20:25:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-01 13:44:48 ----D---- C:\WINDOWS\WinSxS
2010-06-01 11:29:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-31 07:06:08 ----HD---- C:\WINDOWS\inf
2010-05-30 07:48:26 ----D---- C:\Program Files\Common Files
2010-05-20 08:42:23 ----D---- C:\Program Files\Adresy
2010-05-19 08:10:54 ----D---- C:\Program Files\Formosoft
2010-05-19 08:09:18 ----D---- C:\Program Files\VS Revo Group
2010-05-19 08:09:17 ----D---- C:\WINDOWS\system32\drivers
2010-05-19 05:02:20 ----D---- C:\Program Files\uTorrent
2010-05-18 11:57:51 ----RD---- C:\Program Files\Skype
2010-05-17 07:37:23 ----D---- C:\WINDOWS\Help
2010-05-14 05:53:20 ----D---- C:\Program Files\Google
2010-05-13 07:17:46 ----D---- C:\Program Files\Rainlendar
2010-05-12 17:44:56 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Image Zone Express
2010-05-12 08:29:38 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-12 08:29:38 ----D---- C:\Program Files\Outlook Express
2010-05-12 06:59:39 ----HD---- C:\WINDOWS\$hf_mig$
2010-05-09 20:22:27 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-04-16 279712]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-04-16 25888]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-24 5776928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-02 5085184]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-04-24 141568]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2006-09-15 10205696]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 ahsss2f2;ahsss2f2; C:\WINDOWS\system32\drivers\ahsss2f2.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 grmnusb;Garmin USB Driver; C:\WINDOWS\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-04-22 47360]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-26 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O9 - Extra 'Tools' menuitem: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 1: Aqua Real - 7db39a0d-580f-4be9-9195-8bfcd226f6c2
--
End of file - 10171 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-07-21 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99A7C4DD-B2E6-4CA0-BB6E-737A61364155}]
CHelper Class - C:\PROGRA~1\EUROTR~1\e2003i.dll [2009-07-25 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2009-07-20 1191424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2009-07-20 1191424]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-07-21 520192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-09-05 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-09-05 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-09-05 137752]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"snpstd3"=C:\WINDOWS\vsnpstd3.exe [2006-09-18 843776]
"update_vs"=C:\Program Files\Vyčistit Soubory\UUpdate.exe [2008-08-05 28672]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"365dni"=C:\Program Files\365dníNET\365dniNET.exe [2007-01-06 753664]
"uTorrent"=C:\Program Files\uTorrent\utorrent.exe [2010-05-18 322352]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-05-26 2346192]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-03-14 486856]
C:\Documents and Settings\uzivatel\Nabídka Start\Programy\Po spuštění
Rainlendar.lnk - C:\Program Files\Rainlendar\Rainlendar.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-24 208896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\MSI\MyGuard Live\MyGuard Live.exe"="C:\Program Files\MSI\MyGuard Live\MyGuard Live.exe:*:Enabled:MyGuard"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-06-08 12:34:56 ----D---- C:\Program Files\trend micro
2010-06-08 12:34:55 ----D---- C:\rsit
2010-06-08 09:55:01 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2010-06-01 11:26:10 ----D---- C:\Program Files\AntiKomár
2010-05-30 07:48:26 ----D---- C:\Program Files\Common Files\KnifeEdge
2010-05-30 06:11:35 ----A---- C:\WINDOWS\cyklopruvodce.INI
2010-05-30 06:06:44 ----D---- C:\Program Files\PLANstudio
2010-05-28 15:07:12 ----D---- C:\Garmin
2010-05-28 12:47:50 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Pathcz
2010-05-26 05:26:38 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-21 18:43:02 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Desktopicon
2010-05-21 18:42:23 ----D---- C:\Program Files\FreeTime
2010-05-21 18:24:14 ----D---- C:\AVOneExport
2010-05-18 06:41:38 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Dream Aquarium
2010-05-18 06:41:28 ----D---- C:\Program Files\Dream Aquarium
2010-05-12 08:29:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-05-11 11:23:26 ----A---- C:\WINDOWS\cdplayer.ini
2010-05-11 06:37:34 ----A---- C:\WINDOWS\system32\lame_enc.dll
2010-05-11 06:37:33 ----D---- C:\Program Files\AML Products
======List of files/folders modified in the last 1 months======
2010-06-08 12:34:56 ----RD---- C:\Program Files
2010-06-08 12:34:52 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\uTorrent
2010-06-08 12:34:46 ----A---- C:\WINDOWS\wincmd.ini
2010-06-08 12:31:27 ----D---- C:\WINDOWS\Prefetch
2010-06-08 12:23:53 ----D---- C:\WINDOWS\Temp
2010-06-08 12:22:23 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\365dni
2010-06-08 12:19:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-08 12:19:33 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Skype
2010-06-08 11:39:07 ----D---- C:\Program Files\GoQ - NetRadio
2010-06-08 10:53:11 ----D---- C:\WINDOWS\system32
2010-06-08 10:11:01 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\skypePM
2010-06-07 08:47:47 ----AD---- C:\Idos 2009-2010
2010-06-06 11:29:15 ----D---- C:\WINDOWS
2010-06-05 04:35:40 ----SHD---- C:\WINDOWS\Installer
2010-06-05 04:35:39 ----HD---- C:\Config.Msi
2010-06-04 05:35:57 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-02 14:45:54 ----D---- C:\Program Files\Mozilla Firefox
2010-06-01 20:25:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-01 13:44:48 ----D---- C:\WINDOWS\WinSxS
2010-06-01 11:29:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-31 07:06:08 ----HD---- C:\WINDOWS\inf
2010-05-30 07:48:26 ----D---- C:\Program Files\Common Files
2010-05-20 08:42:23 ----D---- C:\Program Files\Adresy
2010-05-19 08:10:54 ----D---- C:\Program Files\Formosoft
2010-05-19 08:09:18 ----D---- C:\Program Files\VS Revo Group
2010-05-19 08:09:17 ----D---- C:\WINDOWS\system32\drivers
2010-05-19 05:02:20 ----D---- C:\Program Files\uTorrent
2010-05-18 11:57:51 ----RD---- C:\Program Files\Skype
2010-05-17 07:37:23 ----D---- C:\WINDOWS\Help
2010-05-14 05:53:20 ----D---- C:\Program Files\Google
2010-05-13 07:17:46 ----D---- C:\Program Files\Rainlendar
2010-05-12 17:44:56 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Image Zone Express
2010-05-12 08:29:38 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-12 08:29:38 ----D---- C:\Program Files\Outlook Express
2010-05-12 06:59:39 ----HD---- C:\WINDOWS\$hf_mig$
2010-05-09 20:22:27 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-04-16 279712]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-04-16 25888]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-24 5776928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-02 5085184]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-04-24 141568]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2006-09-15 10205696]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 ahsss2f2;ahsss2f2; C:\WINDOWS\system32\drivers\ahsss2f2.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 grmnusb;Garmin USB Driver; C:\WINDOWS\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-04-22 47360]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-26 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- 1danab
Re: Request for a routine log check
Hello,
download OTL from this link: http://ottools.noahdfear.net/OTL.exe
run the downloaded file as administrator
in the window that opens, press the Prohledat (Scan) button to start the scan; please wait for the scan to finish (about 5 minutes); a Notepad window with the log will then open; copy its contents here


Re: Request for a routine log check
OTL logfile created on: 8.6.2010 13:17:28 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = S:\Stažené
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 66,50 Gb Free Space | 68,09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 74,52 Gb Total Space | 55,31 Gb Free Space | 74,22% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive S: | 368,10 Gb Total Space | 345,02 Gb Free Space | 93,73% Space Free | Partition Type: NTFS
Computer Name: UZIVATEL-66FF63
Current User Name: uzivatel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.08 13:17:10 | 000,571,904 | ---- | M] (OldTimer Tools) -- S:\Stažené\OTL.exe
PRC - [2010.05.26 11:03:40 | 002,346,192 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010.05.18 05:39:02 | 000,322,352 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\utorrent.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.14 14:00:00 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clipbrd.exe
PRC - [2007.12.06 21:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
PRC - [2007.10.10 08:13:19 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- S:\Pracovní2\HijackThis.exe
PRC - [2007.01.06 18:16:05 | 000,753,664 | ---- | M] (goNET s.r.o.) -- C:\Program Files\365dníNET\365dniNET.exe
PRC - [2006.09.18 14:12:12 | 000,843,776 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2006.01.21 14:31:46 | 000,118,784 | ---- | M] (Rainy) -- C:\Program Files\Rainlendar\Rainlendar.exe
PRC - [2004.09.29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2000.05.30 16:01:34 | 001,427,480 | ---- | M] (C. Ghisler & Co.) -- E:\instalace\wincmd\Wincmd32.exe
========== Modules (SafeList) ==========
MOD - [2010.06.08 13:17:10 | 000,571,904 | ---- | M] (OldTimer Tools) -- S:\Stažené\OTL.exe
MOD - [2008.04.14 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.12.06 21:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2004.09.29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2010.04.16 17:18:05 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.04.16 17:18:05 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.02.20 09:52:36 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2009.11.25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.07.20 18:49:00 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.06.02 12:02:46 | 005,085,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.04.24 04:22:16 | 000,141,568 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.04.14 14:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2007.08.24 05:22:56 | 005,776,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2006.09.15 10:41:10 | 010,205,696 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006.01.04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Seznam"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.16
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.11.24 06:10:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2009.12.27 10:19:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.18 11:54:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.18 11:54:33 | 000,000,000 | ---D | M]
[2009.07.21 17:39:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Extensions
[2010.05.22 10:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\1cmsjrsu.default\extensions
[2009.09.02 10:34:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\1cmsjrsu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.11 08:36:52 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\1cmsjrsu.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.07.21 17:38:37 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.05.18 11:54:29 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.05.18 11:54:29 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.05.18 11:54:29 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.05.18 11:54:29 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.05.18 11:54:29 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O2 - BHO: (CHelper Class) - {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\Program Files\Eurotran 2003\e2003i.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [update_vs] C:\Program Files\Vyčistit Soubory\UUpdate.exe ()
O4 - HKCU..\Run: [365dni] C:\Program Files\365dníNET\365dniNET.exe (goNET s.r.o.)
O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\utorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\uzivatel\Nabídka Start\Programy\Po spuštění\Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe (Rainy)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: &Translate English Word - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Translate Page into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra Button: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran 2003\e2003i.dll ()
O9 - Extra 'Tools' menuitem : Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran 2003\e2003i.dll ()
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop Components:1 (Aqua Real) - 7db39a0d-580f-4be9-9195-8bfcd226f6c2
O24 - Desktop WallPaper: C:\Documents and Settings\uzivatel\Data aplikací\Zoner\ZPS 10\ZPSWallPaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\uzivatel\Data aplikací\Zoner\ZPS 10\ZPSWallPaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.20 13:35:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.06.08 12:34:56 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.08 12:34:55 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.08 10:53:11 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSINET.OCX
[2010.06.08 09:55:02 | 000,525,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DBGRID32.OCX
[2010.06.08 09:55:02 | 000,415,176 | ---- | C] (Microsoft Corporation ) -- C:\WINDOWS\System32\COMCT332.OCX
[2010.06.08 09:55:01 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2010.06.08 09:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\DATAPONT
[2010.06.01 11:26:10 | 000,000,000 | ---D | C] -- C:\Program Files\AntiKomár
[2010.05.30 09:03:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Dokumenty\RealFlight G4
[2010.05.30 07:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\KnifeEdge
[2010.05.30 07:48:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Dokumenty\RealFlight G5
[2010.05.30 06:06:44 | 000,000,000 | ---D | C] -- C:\Program Files\PLANstudio
[2010.05.28 15:07:12 | 000,000,000 | ---D | C] -- C:\Garmin
[2010.05.28 12:47:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Data aplikací\Pathcz
[2010.05.21 18:43:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Dokumenty\FFOutput
[2010.05.21 18:43:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Data aplikací\Desktopicon
[2010.05.21 18:42:23 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime
[2010.05.21 18:24:14 | 000,000,000 | ---D | C] -- C:\AVOneExport
[2010.05.19 08:06:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\VS Revo Group
[2010.05.18 06:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Data aplikací\Dream Aquarium
[2010.05.18 06:41:28 | 000,000,000 | ---D | C] -- C:\Program Files\Dream Aquarium
[2010.05.11 06:37:34 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010.05.11 06:37:33 | 000,000,000 | ---D | C] -- C:\Program Files\AML Products
[2009.07.22 16:13:26 | 000,147,456 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2009.07.22 16:13:26 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2009.07.22 16:13:21 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.08 13:17:19 | 000,001,626 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.06.08 13:13:17 | 000,027,050 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\POI.url
[2010.06.08 12:58:50 | 000,009,310 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\CzTorrent.url
[2010.06.08 12:57:56 | 000,000,156 | ---- | M] () -- C:\trl.cfg
[2010.06.08 12:52:00 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.08 12:52:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.08 12:22:08 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.08 12:22:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.08 12:19:38 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\uzivatel\NTUSER.DAT
[2010.06.08 12:19:38 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\uzivatel\ntuser.ini
[2010.06.08 12:19:32 | 011,779,952 | -H-- | M] () -- C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\IconCache.db
[2010.06.08 11:27:51 | 000,001,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nápověda ke Vzorům.lnk
[2010.06.08 11:27:51 | 000,001,691 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Vzory právních dokumentů.lnk
[2010.06.08 10:59:37 | 000,004,189 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\29. 5. 2010 ČT24 živě ČT24.url
[2010.06.08 10:26:31 | 000,006,441 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Zprávy - tn.cz.url
[2010.06.08 10:17:20 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.08 08:52:55 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Colosseum.url
[2010.06.08 08:38:21 | 000,000,308 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\SERVIS 24.url
[2010.06.08 08:21:36 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Houška modelář - internetový obchod pro modeláře.url
[2010.06.08 07:51:45 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\AVSDVDPlayer.m3u
[2010.06.08 07:43:13 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Horní Maršov (obec) - Zajímavosti obce, ubytování, sport, zábava, rekreace, historie, fotogalerie, mapy..url
[2010.06.08 06:37:35 | 000,000,151 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Výsledky.url
[2010.06.08 06:04:22 | 000,000,259 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Casio Sport Hodinky.cz.url
[2010.06.07 17:46:51 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Sv. Hostýn - bazilika.url
[2010.06.07 12:45:06 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Microsoft Office Word 2003.lnk
[2010.06.07 08:46:09 | 000,020,294 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\IDOS - Pražská integ.url
[2010.06.07 08:06:44 | 000,000,116 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Meteoradar CZ.url
[2010.06.06 20:14:18 | 000,000,244 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\MALL.cz - bílé zboží, elektronika, PC, sport, hobby, hračky, design, chovatelské potřeby.url
[2010.06.06 18:48:41 | 000,003,069 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Pravidla českého pravopisu pravidla.cz.url
[2010.06.06 18:33:59 | 000,000,520 | ---- | M] () -- C:\Documents and Settings\uzivatel\Dokumenty\spider.sav
[2010.06.06 11:29:15 | 000,025,574 | ---- | M] () -- C:\WINDOWS\IM16.CFG
[2010.06.06 11:29:15 | 000,003,208 | ---- | M] () -- C:\WINDOWS\im32st.dat
[2010.06.06 10:27:36 | 000,002,301 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\InfoMapa 16.lnk
[2010.06.05 16:49:21 | 000,000,169 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\On-line obchod - PECKA MODELÁŘ - modely, makety - www.peckamodel.cz.url
[2010.06.05 12:11:58 | 000,000,308 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\ISKO.url
[2010.06.04 05:36:03 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.04 05:35:57 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.04 05:12:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2010.06.03 11:31:43 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Format Factory.lnk
[2010.06.01 11:29:34 | 001,020,324 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.01 11:29:34 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.01 11:29:34 | 000,428,750 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.01 11:29:34 | 000,077,872 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.01 11:29:34 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.31 07:07:00 | 000,001,631 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\POI Loader.lnk
[2010.05.30 07:08:10 | 000,002,246 | ---- | M] () -- C:\WINDOWS\cyklopruvodce.INI
[2010.05.29 08:05:03 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Formuláře, tiskopisy zdarma - MUDr. Zbyněk Mlčoch.url
[2010.05.29 07:57:44 | 000,000,211 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Peklo II, s.r.o. - Informační servis - Vzory smluv a šablony.url
[2010.05.29 06:48:44 | 000,000,207 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\SILVERLIT PicooZ MALL.cz.url
[2010.05.28 15:07:43 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\MapSource.lnk
[2010.05.25 11:07:00 | 000,000,156 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Mapy 1188 (beta).url
[2010.05.24 19:06:07 | 000,000,140 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Hodinářství Schneider.url
[2010.05.23 21:16:58 | 000,000,342 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Mapy Google.url
[2010.05.23 12:19:19 | 000,000,911 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Zástupce - googleearth.lnk
[2010.05.16 07:02:48 | 000,000,277 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Epizody - Babicovy dobroty - TV Nova.url
[2010.05.15 17:54:39 | 000,000,108 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Sdružené ambulantní zařízení Praha 7.url
[2010.05.14 09:29:39 | 000,001,543 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\linguatec Voice Reader.lnk
[2010.05.11 11:23:26 | 000,000,034 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.08 11:27:51 | 000,001,719 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nápověda ke Vzorům.lnk
[2010.06.08 10:53:14 | 000,001,691 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Vzory právních dokumentů.lnk
[2010.06.07 22:07:16 | 000,000,151 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Výsledky.url
[2010.06.03 12:30:36 | 000,000,116 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Meteoradar CZ.url
[2010.06.03 11:31:43 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Format Factory.lnk
[2010.06.02 15:10:10 | 000,000,180 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Houška modelář - internetový obchod pro modeláře.url
[2010.06.01 08:01:23 | 000,000,244 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\MALL.cz - bílé zboží, elektronika, PC, sport, hobby, hračky, design, chovatelské potřeby.url
[2010.05.31 07:07:00 | 000,001,631 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\POI Loader.lnk
[2010.05.30 21:06:42 | 000,000,259 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Casio Sport Hodinky.cz.url
[2010.05.30 06:11:35 | 000,002,246 | ---- | C] () -- C:\WINDOWS\cyklopruvodce.INI
[2010.05.29 08:53:30 | 000,004,189 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\29. 5. 2010 ČT24 živě ČT24.url
[2010.05.29 08:05:03 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Formuláře, tiskopisy zdarma - MUDr. Zbyněk Mlčoch.url
[2010.05.29 07:57:44 | 000,000,211 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Peklo II, s.r.o. - Informační servis - Vzory smluv a šablony.url
[2010.05.29 06:48:44 | 000,000,207 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\SILVERLIT PicooZ MALL.cz.url
[2010.05.28 15:07:43 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\MapSource.lnk
[2010.05.23 12:19:19 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Zástupce - googleearth.lnk
[2010.05.23 09:28:28 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Hodinářství Schneider.url
[2010.05.14 09:29:39 | 000,001,543 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\linguatec Voice Reader.lnk
[2010.05.13 07:43:47 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Horní Maršov (obec) - Zajímavosti obce, ubytování, sport, zábava, rekreace, historie, fotogalerie, mapy..url
[2010.05.11 11:23:26 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010.05.11 06:37:34 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010.05.09 18:14:26 | 000,000,169 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\On-line obchod - PECKA MODELÁŘ - modely, makety - www.peckamodel.cz.url
[2010.02.12 06:19:30 | 000,000,687 | ---- | C] () -- C:\WINDOWS\WorldTimeClock.ini
[2010.02.06 09:44:41 | 000,004,095 | ---- | C] () -- C:\WINDOWS\jqhrwch32.ini
[2010.02.06 09:44:41 | 000,001,442 | ---- | C] () -- C:\WINDOWS\cxpb_vn32.ini
[2009.12.22 08:11:01 | 000,000,281 | ---- | C] () -- C:\WINDOWS\goldwave.ini
[2009.11.07 17:39:42 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009.11.07 17:39:42 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009.11.07 17:39:42 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009.11.07 17:39:42 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009.10.15 06:01:22 | 000,204,857 | ---- | C] () -- C:\WINDOWS\System32\InstallHelp.dll
[2009.10.15 05:58:57 | 000,000,026 | ---- | C] () -- C:\WINDOWS\NeoSetup.INI
[2009.10.09 13:00:39 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.10.09 13:00:39 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.10.03 18:09:28 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2009.08.27 07:53:58 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.08.27 07:53:58 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009.07.22 16:24:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.07.22 16:13:26 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2009.07.21 09:14:55 | 000,000,033 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2009.07.21 09:03:10 | 000,002,575 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2009.07.21 09:02:40 | 000,001,678 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2009.07.21 09:02:39 | 000,002,476 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2009.07.21 09:02:31 | 000,004,578 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2009.07.21 09:02:31 | 000,002,194 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2009.07.20 18:49:00 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.07.20 18:39:17 | 000,000,256 | ---- | C] () -- C:\WINDOWS\posta2.ini
[2009.07.20 17:34:13 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.07.20 16:26:16 | 000,001,626 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.07.20 14:06:11 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009.07.20 13:51:46 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2009.01.12 09:32:23 | 000,748,160 | ---- | C] () -- C:\WINDOWS\System32\CO2C40EN.DLL
[2006.02.07 11:36:32 | 000,096,768 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib3.dll
[2006.02.05 16:23:50 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\pmtf1.dll
[2006.02.05 14:27:16 | 000,353,280 | ---- | C] () -- C:\WINDOWS\System32\pmtf2.dll
[2006.01.28 10:28:46 | 000,231,424 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib.dll
[2006.01.15 12:42:26 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib2.dll
[2005.07.13 12:09:00 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\pmjp.dll
[2004.12.14 12:19:34 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pmexr.dll
[2004.06.25 01:51:44 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\crc32.dll
[2004.06.04 21:22:14 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\IlmImf.dll
[2003.11.26 10:47:24 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmbm.dll
[2002.03.13 15:46:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\ZLIB.DLL
[2001.07.06 15:30:00 | 000,003,165 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C2AD09C0
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
< End of report >
OTL by OldTimer - Version 3.2.5.3 Folder = S:\Stažené
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 66,50 Gb Free Space | 68,09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 74,52 Gb Total Space | 55,31 Gb Free Space | 74,22% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive S: | 368,10 Gb Total Space | 345,02 Gb Free Space | 93,73% Space Free | Partition Type: NTFS
Computer Name: UZIVATEL-66FF63
Current User Name: uzivatel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.08 13:17:10 | 000,571,904 | ---- | M] (OldTimer Tools) -- S:\Stažené\OTL.exe
PRC - [2010.05.26 11:03:40 | 002,346,192 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010.05.18 05:39:02 | 000,322,352 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\utorrent.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.14 14:00:00 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clipbrd.exe
PRC - [2007.12.06 21:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
PRC - [2007.10.10 08:13:19 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- S:\Pracovní2\HijackThis.exe
PRC - [2007.01.06 18:16:05 | 000,753,664 | ---- | M] (goNET s.r.o.) -- C:\Program Files\365dníNET\365dniNET.exe
PRC - [2006.09.18 14:12:12 | 000,843,776 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2006.01.21 14:31:46 | 000,118,784 | ---- | M] (Rainy) -- C:\Program Files\Rainlendar\Rainlendar.exe
PRC - [2004.09.29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2000.05.30 16:01:34 | 001,427,480 | ---- | M] (C. Ghisler & Co.) -- E:\instalace\wincmd\Wincmd32.exe
========== Modules (SafeList) ==========
MOD - [2010.06.08 13:17:10 | 000,571,904 | ---- | M] (OldTimer Tools) -- S:\Stažené\OTL.exe
MOD - [2008.04.14 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.12.06 21:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
SRV - [2004.09.29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2010.04.16 17:18:05 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.04.16 17:18:05 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.02.20 09:52:36 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2009.11.25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.07.20 18:49:00 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.06.02 12:02:46 | 005,085,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.04.24 04:22:16 | 000,141,568 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.04.14 14:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2007.08.24 05:22:56 | 005,776,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2006.09.15 10:41:10 | 010,205,696 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006.01.04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Seznam"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.16
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.11.24 06:10:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2009.12.27 10:19:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.18 11:54:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.18 11:54:33 | 000,000,000 | ---D | M]
[2009.07.21 17:39:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Extensions
[2010.05.22 10:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\1cmsjrsu.default\extensions
[2009.09.02 10:34:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\1cmsjrsu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.11 08:36:52 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\1cmsjrsu.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.07.21 17:38:37 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.05.18 11:54:29 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.05.18 11:54:29 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.05.18 11:54:29 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.05.18 11:54:29 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.05.18 11:54:29 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O2 - BHO: (CHelper Class) - {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\Program Files\Eurotran 2003\e2003i.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [update_vs] C:\Program Files\Vyčistit Soubory\UUpdate.exe ()
O4 - HKCU..\Run: [365dni] C:\Program Files\365dníNET\365dniNET.exe (goNET s.r.o.)
O4 - HKCU..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\utorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\uzivatel\Nabídka Start\Programy\Po spuštění\Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe (Rainy)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: &Translate English Word - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Translate Page into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra Button: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran 2003\e2003i.dll ()
O9 - Extra 'Tools' menuitem : Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran 2003\e2003i.dll ()
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop Components:1 (Aqua Real) - 7db39a0d-580f-4be9-9195-8bfcd226f6c2
O24 - Desktop WallPaper: C:\Documents and Settings\uzivatel\Data aplikací\Zoner\ZPS 10\ZPSWallPaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\uzivatel\Data aplikací\Zoner\ZPS 10\ZPSWallPaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.20 13:35:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.06.08 12:34:56 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.08 12:34:55 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.08 10:53:11 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSINET.OCX
[2010.06.08 09:55:02 | 000,525,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DBGRID32.OCX
[2010.06.08 09:55:02 | 000,415,176 | ---- | C] (Microsoft Corporation ) -- C:\WINDOWS\System32\COMCT332.OCX
[2010.06.08 09:55:01 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2010.06.08 09:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\DATAPONT
[2010.06.01 11:26:10 | 000,000,000 | ---D | C] -- C:\Program Files\AntiKomár
[2010.05.30 09:03:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Dokumenty\RealFlight G4
[2010.05.30 07:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\KnifeEdge
[2010.05.30 07:48:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Dokumenty\RealFlight G5
[2010.05.30 06:06:44 | 000,000,000 | ---D | C] -- C:\Program Files\PLANstudio
[2010.05.28 15:07:12 | 000,000,000 | ---D | C] -- C:\Garmin
[2010.05.28 12:47:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Data aplikací\Pathcz
[2010.05.21 18:43:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Dokumenty\FFOutput
[2010.05.21 18:43:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Data aplikací\Desktopicon
[2010.05.21 18:42:23 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime
[2010.05.21 18:24:14 | 000,000,000 | ---D | C] -- C:\AVOneExport
[2010.05.19 08:06:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\VS Revo Group
[2010.05.18 06:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uzivatel\Data aplikací\Dream Aquarium
[2010.05.18 06:41:28 | 000,000,000 | ---D | C] -- C:\Program Files\Dream Aquarium
[2010.05.11 06:37:34 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010.05.11 06:37:33 | 000,000,000 | ---D | C] -- C:\Program Files\AML Products
[2009.07.22 16:13:26 | 000,147,456 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2009.07.22 16:13:26 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2009.07.22 16:13:21 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.08 13:17:19 | 000,001,626 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.06.08 13:13:17 | 000,027,050 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\POI.url
[2010.06.08 12:58:50 | 000,009,310 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\CzTorrent.url
[2010.06.08 12:57:56 | 000,000,156 | ---- | M] () -- C:\trl.cfg
[2010.06.08 12:52:00 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.08 12:52:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.08 12:22:08 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.08 12:22:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.08 12:19:38 | 006,029,312 | -H-- | M] () -- C:\Documents and Settings\uzivatel\NTUSER.DAT
[2010.06.08 12:19:38 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\uzivatel\ntuser.ini
[2010.06.08 12:19:32 | 011,779,952 | -H-- | M] () -- C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\IconCache.db
[2010.06.08 11:27:51 | 000,001,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nápověda ke Vzorům.lnk
[2010.06.08 11:27:51 | 000,001,691 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Vzory právních dokumentů.lnk
[2010.06.08 10:59:37 | 000,004,189 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\29. 5. 2010 ČT24 živě ČT24.url
[2010.06.08 10:26:31 | 000,006,441 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Zprávy - tn.cz.url
[2010.06.08 10:17:20 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.08 08:52:55 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Colosseum.url
[2010.06.08 08:38:21 | 000,000,308 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\SERVIS 24.url
[2010.06.08 08:21:36 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Houška modelář - internetový obchod pro modeláře.url
[2010.06.08 07:51:45 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\AVSDVDPlayer.m3u
[2010.06.08 07:43:13 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Horní Maršov (obec) - Zajímavosti obce, ubytování, sport, zábava, rekreace, historie, fotogalerie, mapy..url
[2010.06.08 06:37:35 | 000,000,151 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Výsledky.url
[2010.06.08 06:04:22 | 000,000,259 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Casio Sport Hodinky.cz.url
[2010.06.07 17:46:51 | 000,000,112 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Sv. Hostýn - bazilika.url
[2010.06.07 12:45:06 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Microsoft Office Word 2003.lnk
[2010.06.07 08:46:09 | 000,020,294 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\IDOS - Pražská integ.url
[2010.06.07 08:06:44 | 000,000,116 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Meteoradar CZ.url
[2010.06.06 20:14:18 | 000,000,244 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\MALL.cz - bílé zboží, elektronika, PC, sport, hobby, hračky, design, chovatelské potřeby.url
[2010.06.06 18:48:41 | 000,003,069 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Pravidla českého pravopisu pravidla.cz.url
[2010.06.06 18:33:59 | 000,000,520 | ---- | M] () -- C:\Documents and Settings\uzivatel\Dokumenty\spider.sav
[2010.06.06 11:29:15 | 000,025,574 | ---- | M] () -- C:\WINDOWS\IM16.CFG
[2010.06.06 11:29:15 | 000,003,208 | ---- | M] () -- C:\WINDOWS\im32st.dat
[2010.06.06 10:27:36 | 000,002,301 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\InfoMapa 16.lnk
[2010.06.05 16:49:21 | 000,000,169 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\On-line obchod - PECKA MODELÁŘ - modely, makety - www.peckamodel.cz.url
[2010.06.05 12:11:58 | 000,000,308 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\ISKO.url
[2010.06.04 05:36:03 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.04 05:35:57 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.04 05:12:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2010.06.03 11:31:43 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Format Factory.lnk
[2010.06.01 11:29:34 | 001,020,324 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.01 11:29:34 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.01 11:29:34 | 000,428,750 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.01 11:29:34 | 000,077,872 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.01 11:29:34 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.31 07:07:00 | 000,001,631 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\POI Loader.lnk
[2010.05.30 07:08:10 | 000,002,246 | ---- | M] () -- C:\WINDOWS\cyklopruvodce.INI
[2010.05.29 08:05:03 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Formuláře, tiskopisy zdarma - MUDr. Zbyněk Mlčoch.url
[2010.05.29 07:57:44 | 000,000,211 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Peklo II, s.r.o. - Informační servis - Vzory smluv a šablony.url
[2010.05.29 06:48:44 | 000,000,207 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\SILVERLIT PicooZ MALL.cz.url
[2010.05.28 15:07:43 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\MapSource.lnk
[2010.05.25 11:07:00 | 000,000,156 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Mapy 1188 (beta).url
[2010.05.24 19:06:07 | 000,000,140 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Hodinářství Schneider.url
[2010.05.23 21:16:58 | 000,000,342 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Mapy Google.url
[2010.05.23 12:19:19 | 000,000,911 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Zástupce - googleearth.lnk
[2010.05.16 07:02:48 | 000,000,277 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Epizody - Babicovy dobroty - TV Nova.url
[2010.05.15 17:54:39 | 000,000,108 | ---- | M] () -- C:\Documents and Settings\uzivatel\Plocha\Sdružené ambulantní zařízení Praha 7.url
[2010.05.14 09:29:39 | 000,001,543 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\linguatec Voice Reader.lnk
[2010.05.11 11:23:26 | 000,000,034 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.08 11:27:51 | 000,001,719 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nápověda ke Vzorům.lnk
[2010.06.08 10:53:14 | 000,001,691 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Vzory právních dokumentů.lnk
[2010.06.07 22:07:16 | 000,000,151 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Výsledky.url
[2010.06.03 12:30:36 | 000,000,116 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Meteoradar CZ.url
[2010.06.03 11:31:43 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Format Factory.lnk
[2010.06.02 15:10:10 | 000,000,180 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Houška modelář - internetový obchod pro modeláře.url
[2010.06.01 08:01:23 | 000,000,244 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\MALL.cz - bílé zboží, elektronika, PC, sport, hobby, hračky, design, chovatelské potřeby.url
[2010.05.31 07:07:00 | 000,001,631 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\POI Loader.lnk
[2010.05.30 21:06:42 | 000,000,259 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Casio Sport Hodinky.cz.url
[2010.05.30 06:11:35 | 000,002,246 | ---- | C] () -- C:\WINDOWS\cyklopruvodce.INI
[2010.05.29 08:53:30 | 000,004,189 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\29. 5. 2010 ČT24 živě ČT24.url
[2010.05.29 08:05:03 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Formuláře, tiskopisy zdarma - MUDr. Zbyněk Mlčoch.url
[2010.05.29 07:57:44 | 000,000,211 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Peklo II, s.r.o. - Informační servis - Vzory smluv a šablony.url
[2010.05.29 06:48:44 | 000,000,207 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\SILVERLIT PicooZ MALL.cz.url
[2010.05.28 15:07:43 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\MapSource.lnk
[2010.05.23 12:19:19 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Zástupce - googleearth.lnk
[2010.05.23 09:28:28 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Hodinářství Schneider.url
[2010.05.14 09:29:39 | 000,001,543 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\linguatec Voice Reader.lnk
[2010.05.13 07:43:47 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\Horní Maršov (obec) - Zajímavosti obce, ubytování, sport, zábava, rekreace, historie, fotogalerie, mapy..url
[2010.05.11 11:23:26 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010.05.11 06:37:34 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010.05.09 18:14:26 | 000,000,169 | ---- | C] () -- C:\Documents and Settings\uzivatel\Plocha\On-line obchod - PECKA MODELÁŘ - modely, makety - www.peckamodel.cz.url
[2010.02.12 06:19:30 | 000,000,687 | ---- | C] () -- C:\WINDOWS\WorldTimeClock.ini
[2010.02.06 09:44:41 | 000,004,095 | ---- | C] () -- C:\WINDOWS\jqhrwch32.ini
[2010.02.06 09:44:41 | 000,001,442 | ---- | C] () -- C:\WINDOWS\cxpb_vn32.ini
[2009.12.22 08:11:01 | 000,000,281 | ---- | C] () -- C:\WINDOWS\goldwave.ini
[2009.11.07 17:39:42 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009.11.07 17:39:42 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009.11.07 17:39:42 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009.11.07 17:39:42 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009.10.15 06:01:22 | 000,204,857 | ---- | C] () -- C:\WINDOWS\System32\InstallHelp.dll
[2009.10.15 05:58:57 | 000,000,026 | ---- | C] () -- C:\WINDOWS\NeoSetup.INI
[2009.10.09 13:00:39 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.10.09 13:00:39 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.10.03 18:09:28 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2009.08.27 07:53:58 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.08.27 07:53:58 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009.07.22 16:24:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.07.22 16:13:26 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2009.07.21 09:14:55 | 000,000,033 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2009.07.21 09:03:10 | 000,002,575 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2009.07.21 09:02:40 | 000,001,678 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2009.07.21 09:02:39 | 000,002,476 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2009.07.21 09:02:31 | 000,004,578 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2009.07.21 09:02:31 | 000,002,194 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2009.07.20 18:49:00 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.07.20 18:39:17 | 000,000,256 | ---- | C] () -- C:\WINDOWS\posta2.ini
[2009.07.20 17:34:13 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.07.20 16:26:16 | 000,001,626 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.07.20 14:06:11 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009.07.20 13:51:46 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2009.01.12 09:32:23 | 000,748,160 | ---- | C] () -- C:\WINDOWS\System32\CO2C40EN.DLL
[2006.02.07 11:36:32 | 000,096,768 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib3.dll
[2006.02.05 16:23:50 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\pmtf1.dll
[2006.02.05 14:27:16 | 000,353,280 | ---- | C] () -- C:\WINDOWS\System32\pmtf2.dll
[2006.01.28 10:28:46 | 000,231,424 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib.dll
[2006.01.15 12:42:26 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\PhotomatixLib2.dll
[2005.07.13 12:09:00 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\pmjp.dll
[2004.12.14 12:19:34 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pmexr.dll
[2004.06.25 01:51:44 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\crc32.dll
[2004.06.04 21:22:14 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\IlmImf.dll
[2003.11.26 10:47:24 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmbm.dll
[2002.03.13 15:46:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\ZLIB.DLL
[2001.07.06 15:30:00 | 000,003,165 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C2AD09C0
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
< End of report >
- 1danab
- Newbie
- Posts: 1412
- Registered: 21 Oct 2007 13:04
- Location: České Budějovice
Re: Request for a routine log check
download ComboFix and save it, preferably to the desktop
run the application under an account with administrator privileges
after startup, a screen with the license terms is displayed; click the Yes button.
you may get a warning about your antivirus's resident shield and a notice that the Recovery Console is not installed; do not install it for now
the scan takes about 10 minutes (it may take longer, depending on the number of files and the speed of the PC); do not run any applications during the scan
your PC may be restarted during the scan, so do not panic
note: if you use an antispyware with a resident shield, deactivate its resident shield, because during the scan and the removal of any malware, unwanted conflicts occur between ComboFix and the resident antispyware
after the restart the application creates a log saved at C:/Combofix.txt; paste its contents here

Re: Please do a routine log check
ComboFix 10-06-07.04 - uzivatel 08.06.2010 15:29:53.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2037.1492 [GMT 2:00]
Spuštěný z: s:\stažené\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100608-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-05-08 do 2010-06-08 )))))))))))))))))))))))))))))))
.
2010-06-08 10:34 . 2010-06-08 10:40 -------- d-----w- c:\program files\trend micro
2010-06-08 10:34 . 2010-06-08 10:34 -------- d-----w- C:\rsit
2010-06-08 07:55 . 2002-06-01 04:06 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2010-06-01 09:26 . 2010-06-01 09:26 -------- d-----w- c:\program files\AntiKomár
2010-05-30 05:48 . 2010-06-03 10:25 -------- d-----w- c:\program files\Common Files\KnifeEdge
2010-05-30 04:06 . 2010-05-30 05:10 -------- d-----w- c:\program files\PLANstudio
2010-05-28 13:07 . 2010-05-31 15:56 -------- d-----w- C:\Garmin
2010-05-21 16:42 . 2010-05-21 16:42 -------- d-----w- c:\program files\FreeTime
2010-05-21 16:24 . 2010-05-21 16:24 -------- d-----w- C:\AVOneExport
2010-05-18 04:41 . 2010-05-18 04:41 -------- d-----w- c:\program files\Dream Aquarium
2010-05-11 04:37 . 2003-08-07 13:01 237568 ----a-w- c:\windows\system32\lame_enc.dll
2010-05-11 04:37 . 2010-05-11 04:42 -------- d-----w- c:\program files\AML Products
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-08 09:39 . 2009-07-20 17:45 -------- d-----w- c:\program files\GoQ - NetRadio
2010-06-06 09:29 . 2009-07-20 20:06 3208 ----a-w- c:\windows\im32st.dat
2010-06-01 09:29 . 2008-04-14 12:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-06-01 09:29 . 2008-04-14 12:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-05-20 06:42 . 2009-07-20 16:44 -------- d-----w- c:\program files\Adresy
2010-05-19 06:10 . 2009-12-06 06:29 -------- d-----w- c:\program files\Formosoft
2010-05-19 06:09 . 2009-07-20 17:06 -------- d-----w- c:\program files\VS Revo Group
2010-05-19 03:02 . 2009-07-20 19:11 -------- d-----w- c:\program files\uTorrent
2010-05-18 09:57 . 2009-07-20 15:14 -------- d-----r- c:\program files\Skype
2010-05-14 03:53 . 2009-07-20 19:27 -------- d-----w- c:\program files\Google
2010-05-13 05:17 . 2009-07-20 19:40 -------- d-----w- c:\program files\Rainlendar
2010-04-24 15:05 . 2009-07-21 16:45 -------- d-----w- c:\program files\TT
2010-04-23 14:00 . 2010-04-23 13:55 -------- d-----w- c:\program files\ABBYY FineReader 9.0
2010-04-23 13:58 . 2010-04-23 13:58 -------- d-----w- c:\program files\Common Files\ABBYY
2010-04-22 16:34 . 2009-07-20 18:56 -------- d-----w- c:\program files\VSO
2010-04-22 16:29 . 2009-07-20 18:56 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-04-22 15:57 . 2009-07-20 17:18 -------- d-----w- c:\program files\Seznam DVD
2010-04-16 15:18 . 2009-10-09 11:00 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-04-16 15:18 . 2009-10-09 11:00 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-04-11 08:18 . 2009-07-21 05:51 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-11 12:36 . 2008-04-14 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:36 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:36 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"365dni"="c:\program files\365dníNET\365dniNET.exe" [2007-01-06 753664]
"uTorrent"="c:\program files\uTorrent\utorrent.exe" [2010-05-18 322352]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-05-26 2346192]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-03-14 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-21 17881600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-18 843776]
"update_vs"="c:\program files\Vyčistit Soubory\UUpdate.exe" [2008-08-05 28672]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\uzivatel\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Rainlendar.lnk - c:\program files\Rainlendar\Rainlendar.exe [2006-1-21 118784]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\MSI\\MyGuard Live\\MyGuard Live.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [20.7.2009 16:10 114768]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 21:03 660768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20.7.2009 16:10 20560]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20.7.2009 18:49 717296]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26.7.2009 8:30 133104]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [20.7.2009 13:49 1684736]
.
Obsah adresáře 'Naplánované úlohy'
2010-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-26 06:30]
2010-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-26 06:30]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
IE: {{572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - {DB7FBFE3-82CB-49E0-9C41-39C2A80B4966} - c:\progra~1\EUROTR~1\e2003i.dll
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
FF - ProfilePath - c:\documents and settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\1cmsjrsu.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory:
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(3144)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-06-08 15:33:08
ComboFix-quarantined-files.txt 2010-06-08 13:33
Před spuštěním: Volných bajtů: 75 209 547 776
Po spuštění: Volných bajtů: 75 379 793 920
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - ACCDA91286FDAE866C45ACE6AE9B2A3C
- 1danab
- Newbie
- Posts: 1412
- Registered: 21 Oct 2007 13:04
- Location: České Budějovice
Re: Please do a routine log check
download GMER, unpack it and run it
a scan will run; when it finishes, the results are displayed
then click Save to save the log, and paste its contents here
then, following this guide, run a second scan and again paste the log contents here

Re: Please do a routine log check
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-06-08 17:11:45
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\uzivatel\LOCALS~1\Temp\uxdirfog.sys
---- System - GMER 1.0.15 ----
SSDT spvz.sys ZwEnumerateKey [0xB9EC6CA2]
SSDT spvz.sys ZwEnumerateValueKey [0xB9EC7030]
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 89DD21F8
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
Re: Please do a routine log check
LOG2
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-08 18:28:28
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\uzivatel\LOCALS~1\Temp\uxdirfog.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xA8C296B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xA8C29574]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xA8C29A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xA8C2914C]
SSDT spvz.sys ZwEnumerateKey [0xB9EC6CA2]
SSDT spvz.sys ZwEnumerateValueKey [0xB9EC7030]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xA8C2964E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xA8C2908C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xA8C290F0]
SSDT spvz.sys ZwQueryKey [0xB9EC7108]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xA8C2976E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xA8C2972E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xA8C298AE]
INT 0x62 ? 89DD3BF8
INT 0x63 ? 89C16BF8
INT 0x82 ? 89DD3BF8
INT 0x83 ? 89C16BF8
INT 0xA4 ? 89C16BF8
INT 0xB4 ? 89C16BF8
---- Kernel code sections - GMER 1.0.15 ----
? spvz.sys Systém nemůže nalézt uvedený soubor. !
.text USBPORT.SYS!DllUnload B968B8AC 5 Bytes JMP 89C161D8
.text ask2x2oz.SYS B95D7384 1 Byte [20]
.text ask2x2oz.SYS B95D7384 37 Bytes [20, 00, 00, 68, 00, 00, 00, ...]
.text ask2x2oz.SYS B95D73AA 24 Bytes [00, 00, 20, 00, 00, E0, 00, ...]
.text ask2x2oz.SYS B95D73C4 3 Bytes [00, 00, 00]
.text ask2x2oz.SYS B95D73C9 1 Byte [00]
.text ...
.text C:\WINDOWS\system32\drivers\ACEDRV07.sys section is writeable [0xA809C000, 0x328BA, 0xE8000020]
.pklstb C:\WINDOWS\system32\drivers\ACEDRV07.sys entry point in ".pklstb" section [0xA80E0000]
.relo2 C:\WINDOWS\system32\drivers\ACEDRV07.sys unknown last section [0xA80FC000, 0x8E, 0x42000040]
.text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xA76A0300, 0x3AF78, 0xE8000020]
.text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xBA450300, 0x1BCE, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Internet Explorer\iexplore.exe[2408] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 414AF4B9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2408] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 41622046 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2408] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 41621FC7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2408] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 4162200B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2408] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 41621F53 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2408] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 41621F8D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2408] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 1 Byte [E9]
.text C:\Program Files\Internet Explorer\iexplore.exe[2408] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 41622081 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2408] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 414D17EA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2408] ole32.dll!OleLoadFromStream 77519C85 5 Bytes JMP 41622243 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4040] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 414AF4B9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4040] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 41622046 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4040] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 41621FC7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4040] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 4162200B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4040] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 41621F53 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4040] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 41621F8D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4040] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 1 Byte [E9]
.text C:\Program Files\Internet Explorer\iexplore.exe[4040] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 41622081 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4040] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 414D17EA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4040] ole32.dll!OleLoadFromStream 77519C85 5 Bytes JMP 41622243 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9EA9040] spvz.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9EA913C] spvz.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9EA90BE] spvz.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9EA97FC] spvz.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9EA96D2] spvz.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B9EB9048] spvz.sys
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!KfAcquireSpinLock] 000000AD
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!READ_PORT_UCHAR] 000000D4
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!KeGetCurrentIrql] 000000A2
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!KfRaiseIrql] 000000AF
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!KfLowerIrql] 0000009C
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!HalGetInterruptVector] 000000A4
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!HalTranslateBusAddress] 00000072
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!KeStallExecutionProcessor] 000000C0
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!KfReleaseSpinLock] 000000B7
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 000000FD
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!READ_PORT_USHORT] 00000093
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 00000026
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[HAL.dll!WRITE_PORT_UCHAR] 00000036
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[WMILIB.SYS!WmiSystemControl] 000000F7
IAT \SystemRoot\System32\Drivers\ask2x2oz.SYS[WMILIB.SYS!WmiCompleteRequest] 000000CC
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002
IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 89DD21F8
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\sptd \Device\2550656478 spvz.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{4EE459F7-563D-453B-B9EE-35ED13F549B2} 89B0D500
Device \Driver\PCI_PNP8978 \Device\00000043 spvz.sys
Device \Driver\usbuhci \Device\USBPDO-0 89C151F8
Device \Driver\usbuhci \Device\USBPDO-1 89C151F8
Device \Driver\usbuhci \Device\USBPDO-2 89C151F8
Device \Driver\usbuhci \Device\USBPDO-3 89C151F8
Device \Driver\usbehci \Device\USBPDO-4 89C141F8
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\Ftdisk \Device\HarddiskVolume1 89E451F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 89E451F8
Device \Driver\Cdrom \Device\CdRom0 89BD11F8
Device \Driver\Ftdisk \Device\HarddiskVolume3 89E451F8
Device \Driver\Cdrom \Device\CdRom1 89BD11F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B9E22B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [B9E22B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B9E22B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [B9E22B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\USBSTOR \Device\00000074 8925A1F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 89B0D500
Device \Driver\NetBT \Device\NetbiosSmb 89B0D500
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \Driver\usbuhci \Device\USBFDO-0 89C151F8
Device \Driver\usbuhci \Device\USBFDO-1 89C151F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 89119500
Device \Driver\usbuhci \Device\USBFDO-2 89C151F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 89119500
Device \Driver\USBSTOR \Device\0000006f 8925A1F8
Device \Driver\usbuhci \Device\USBFDO-3 89C151F8
Device \Driver\usbehci \Device\USBFDO-4 89C141F8
Device \Driver\Ftdisk \Device\FtControl 89E451F8
Device \Driver\ask2x2oz \Device\Scsi\ask2x2oz1Port2Path0Target0Lun0 89BCF1F8
Device \Driver\ask2x2oz \Device\Scsi\ask2x2oz1 89BCF1F8
Device \FileSystem\Cdfs \Cdfs 892581F8
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001167ad2011
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001167ad2011@00247dd6eb08 0xCB 0xB9 0x1A 0xBF ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF3 0x2F 0xB8 0xDD ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x2F 0x05 0x8B 0xAE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x7C 0xD9 0x6C 0xEA ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001167ad2011 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001167ad2011@00247dd6eb08 0xCB 0xB9 0x1A 0xBF ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF3 0x2F 0xB8 0xDD ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x2F 0x05 0x8B 0xAE ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x7C 0xD9 0x6C 0xEA ...
---- EOF - GMER 1.0.15 ----
- 1danab
- Newbie
- Posts: 1412
- Registered: 21 Oct 2007 13:04
- Location: České Budějovice
Re: Please do a routine log check
C:\Windows\System32\Drivers\ask2x2oz.SYS
C:\WINDOWS\system32\drivers\ACEDRV07.sys
test these on VirusTotal
simple instructions: after the page loads, click Browse, find the path to the file mentioned above and click the Send file button; if a message pops up saying the file has already been tested, ignore it and run the scan again; when the scan finishes, paste the results here, either by copying the text or by posting a link
Re: Please do a routine log check
I am very sorry, but I cannot find the file at this path
1 C:\Windows\System32\Drivers\ask2x2oz.SYS
2 C:\WINDOWS\system32\drivers\ACEDRV07.sys
(in the second path there is only a file "ACEDRV07" (without the ".sys" extension))
- 1danab
- Newbie
- Posts: 1412
- Registered: 21 Oct 2007 13:04
- Location: České Budějovice
Re: Please do a routine log check
do you have the display of hidden and system files turned on?
Re: Please do a routine log check
Even after unhiding (hidden files) I did not find the second file.
Not even with the file search.
Soubor ACEDRV07.sys přijatý 2010.06.09 03:16:49 (UTC)
Výsledek: 0/41 (0%)
Antivirus Verze Poslední aktualizace Výsledek
a-squared 5.0.0.26 2010.06.09 -
AhnLab-V3 2010.06.09.00 2010.06.09 -
AntiVir 8.2.2.6 2010.06.08 -
Antiy-AVL 2.0.3.7 2010.06.08 -
Authentium 5.2.0.5 2010.06.09 -
Avast 4.8.1351.0 2010.06.08 -
Avast5 5.0.332.0 2010.06.08 -
AVG 9.0.0.787 2010.06.08 -
BitDefender 7.2 2010.06.09 -
CAT-QuickHeal 10.00 2010.06.09 -
ClamAV 0.96.0.3-git 2010.06.09 -
Comodo 5033 2010.06.09 -
DrWeb 5.0.2.03300 2010.06.09 -
eSafe 7.0.17.0 2010.06.08 -
eTrust-Vet 36.1.7621 2010.06.09 -
F-Prot 4.6.0.103 2010.06.08 -
F-Secure 9.0.15370.0 2010.06.09 -
Fortinet 4.1.133.0 2010.06.08 -
GData 21 2010.06.09 -
Ikarus T3.1.1.84.0 2010.06.09 -
Jiangmin 13.0.900 2010.06.08 -
Kaspersky 7.0.0.125 2010.06.09 -
McAfee 5.400.0.1158 2010.06.09 -
McAfee-GW-Edition 2010.1 2010.06.08 -
Microsoft 1.5802 2010.06.08 -
NOD32 5183 2010.06.08 -
Norman 6.04.12 2010.06.08 -
nProtect 2010-06-08.01 2010.06.08 -
Panda 10.0.2.7 2010.06.08 -
PCTools 7.0.3.5 2010.06.09 -
Prevx 3.0 2010.06.09 -
Rising 22.51.01.04 2010.06.08 -
Sophos 4.53.0 2010.06.09 -
Sunbelt 6421 2010.06.09 -
Symantec 20101.1.0.89 2010.06.08 -
TheHacker 6.5.2.0.295 2010.06.08 -
TrendMicro 9.120.0.1004 2010.06.08 -
TrendMicro-HouseCall 9.120.0.1004 2010.06.09 -
VBA32 3.12.12.5 2010.06.08 -
ViRobot 2010.6.8.2343 2010.06.08 -
VirusBuster 5.0.27.0 2010.06.08 -
Rozšiřující informace
File size: 101376 bytes
MD5...: 4e5451dd0aec8504d7f8030dd2d4c416
SHA1..: 0c68ff31887b8914229424f31e69d5960a84885a
SHA256: d1bf62b1d3d3d347da46c0fe002c117fabc0abccabd1c56d5a6d9f1682c61233
ssdeep: 1536:bMGfYDq+WwOY8rrThGGO58SdwWoZrIKwRKGbxNCk8/Evsz418ySd/vP79If
Grk1n:bRfYtjOnZwErTlr8vQBd/H79IurMF5
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x45000
timedatestamp.....: 0x44536c8d (Sat Apr 29 13:39:25 2006)
machinetype.......: 0x14c (I386)
( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x328ba 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x34000 0x304 0x400 3.75 812772f167a5ac562f0084049b8b5d1a
.data 0x35000 0x294c 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
INIT 0x38000 0x564 0x600 5.07 84aa1e1b0243dafaca33233089fef7e0
.rsrc 0x39000 0x360 0x400 2.89 9c88945c91ea2be10f43c75d51f7e313
.delete 0x3a000 0xa8a2 0x200 6.20 60d1c6d18f040fc8b48101d7c80bd818
.pklstb 0x45000 0x1b600 0x17600 7.67 de304d961903e9960e6bd7773097dd49
.relo2 0x61000 0x8e 0x200 1.94 b1d64db61bede10b778ac5d3443bf7be
( 2 imports )
> ntoskrnl.exe: ObfDereferenceObject, KeSetEvent, IofCompleteRequest, IoCreateSymbolicLink, IoDeleteDevice, IoDeleteSymbolicLink, PsGetCurrentProcessId, KeSetAffinityThread, RtlInitUnicodeString, IoGetDeviceObjectPointer, IoFreeIrp, IoGetAttachedDevice, RtlFreeUnicodeString, KeInitializeEvent, IoBuildSynchronousFsdRequest, KeWaitForSingleObject, ExAllocatePool, IoAllocateIrp, IofCallDriver, MmUnlockPages, IoFreeMdl, ExFreePool, RtlAnsiStringToUnicodeString, RtlInitString, IoCreateDevice, MmIsAddressValid, ZwClose, ExQueueWorkItem, ExAllocatePoolWithTag, _except_handler3, memmove, ExReleaseResourceLite, IoDetachDevice, ExAcquireResourceExclusiveLite, wcslen, ZwQueryObject, tolower, ZwQueryInformationFile, KdDebuggerEnabled, toupper, strrchr, KeGetCurrentThread, ExDeleteResourceLite, IoAttachDeviceByPointer, IoGetRelatedDeviceObject, ObReferenceObjectByHandle, DbgPrint, ExInitializeResourceLite, PsGetVersion, ZwQuerySystemInformation, KeNumberProcessors, ZwCreateFile
> HAL.dll: KfLowerIrql, KfRaiseIrql
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: Protect Software GmbH
copyright....: (C) Copyright 2004-2006 Protect Software GmbH
product......: n/a
description..: Helper Driver - Access Level 1a
original name: hwctrl.drv
internal name: Driver
file version.: 6, 8, 0, 60428
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (Kaspersky): PKLite32
packers (F-Prot): PKLite32
- 1danab
- Newbie
- Posts: 1412
- Registered: 21 Oct 2007 13:04
- Location: České Budějovice
Re: Please do a routine log check
it looks like a damaged system, try to repair whatever can be repaired
instructions here http://www.viry.cz/forum/viewtopic.php?f=46&t=17549
Re: Please do a routine log check
Thank you, I am too much of a layman for that, thanks for the help
- 1danab
- Newbie
- Posts: 1412
- Registered: 21 Oct 2007 13:04
- Location: České Budějovice
Re: Please do a routine log check
download T-Cleaner here http://sweb.cz/Marinus/T-Cleaner.exe and run it; it will clean up the programs that were used
may I ask, which applications does the PC refuse to open?