Zdravím,
Na mém PC:
1) nelze spustit žádný ativirový, atispywerový ..., program. Vždy vyskočí hláška, že se nejedná o platnou aplikaci typu Win32.
Zkošel jsem Awast, Spyboot, SpywareTerminator, ComboFix,... Vše dopadlo stejně.
2) Nejdou instalovat aktualizace windovs
3) Nejde spustit nouzový režim (žádný)
Můžete mi poradit?
Zde přikládám log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Libor at 2010-09-02 16:08:07
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 13 GB (26%) free of 52 GB
Total RAM: 3327 MB (77% free)
======Scheduled tasks folder======
C:\WINDOWS\tasks\Allway Sync_{42134B6F16ADE5852D1E0732DA7D7A90}.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{19855D51-09FF-4CC1-815C-34C0775FB6A5}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-12 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-07-12 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-03 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22 321120]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-12 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUS Probe"=C:\Program Files\ASUS\Probe\AsusProb.exe [2002-12-06 617984]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\point32.exe [2004-06-03 204800]
"type32"=C:\Program Files\Microsoft IntelliType Pro\type32.exe [2004-06-03 172032]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2004-09-02 57344]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2010-09-02 866584]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2006-10-22 620152]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2010-09-02 81000]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-04-01 5562368]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SybaseCentral43"=C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe [2005-02-04 1046016]
"DBISQL9"=C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe [2006-01-11 135168]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-11-10 1051648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Action Manager 32.lnk]
C:\PROGRA~1\ScannerU\AM32.exe [2003-11-26 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"InCDsrv"=2
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RACServerLogon]
C:\WINDOWS\system32\RACServerLogon2.dll [2009-02-22 62736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0x02000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Adobe\GoLive CS_ENG\GoLive.exe"="C:\Program Files\Adobe\GoLive CS_ENG\GoLive.exe:*:Enabled:Adobe GoLive Application"
"E:\BIN\WIN32\PLAYER.EXE"="E:\BIN\WIN32\PLAYER.EXE:*:Enabled:Macromedia Projector"
"C:\Program Files\Sybase\SQL Anywhere 9\win32\dbeng9.exe"="C:\Program Files\Sybase\SQL Anywhere 9\win32\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine"
"C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe"="C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe:*:Enabled:Adaptive Server Anywhere ISQL"
"C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe"="C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe:*:Enabled:Sybase Central"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"D:\Strong DC++ 2.12\StrongDC.exe"="D:\Strong DC++ 2.12\StrongDC.exe:*:Enabled:StrongDC.exe"
"D:\Strong DC++ 2.22\StrongDC.exe"="D:\Strong DC++ 2.22\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\abf3\FTP.EXE"="C:\abf3\FTP.EXE:*:Enabled:Program pro přenos souborů (FTP)"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Disabled:µTorrent"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Libor\Data aplikací\m\flec006.exe"="C:\Documents and Settings\Libor\Data aplikací\m\flec006.exe:*:Enabled:StrongDC++"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Disabled:ICQ6"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Disabled:ICQ6"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""E:\HBCD\WINTOOLS\PROCEXP.EXE"
======File associations======
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
======List of files/folders created in the last 2 months======
2010-09-02 16:08:08 ----D---- C:\Program Files\trend micro
2010-09-02 16:08:07 ----D---- C:\rsit
2010-09-02 14:53:14 ----D---- C:\46c1a25689023fa07eea470afddf51
2010-09-02 13:24:17 ----A---- C:\WINDOWS\system32\simptcp.dll
2010-09-02 12:22:19 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-02 12:20:34 ----D---- C:\WINDOWS\SoftwareDistribution
2010-09-02 12:03:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-09-02 11:42:14 ----D---- C:\Documents and Settings\Libor\Data aplikací\SUPERAntiSpyware.com
2010-09-02 11:36:28 ----A---- C:\Startup Programs (PRM) 2010-09-02 11.36.10.txt
2010-09-02 11:35:51 ----A---- C:\Startup Programs (PRM) 2010-09-02 11.35.33.txt
======List of files/folders modified in the last 2 months======
2010-09-02 16:08:20 ----D---- C:\Program Files\e
2010-09-02 16:08:08 ----RD---- C:\Program Files
2010-09-02 16:06:17 ----RSD---- C:\WINDOWS\assembly
2010-09-02 15:57:41 ----D---- C:\WINDOWS\Temp
2010-09-02 15:57:41 ----D---- C:\WINDOWS\system32\ias
2010-09-02 15:57:00 ----D---- C:\WINDOWS\Microsoft.NET
2010-09-02 15:56:42 ----D---- C:\WINDOWS\system32\drivers
2010-09-02 15:51:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-02 15:16:48 ----SHD---- C:\Config.Msi
2010-09-02 15:16:33 ----SHD---- C:\WINDOWS\Installer
2010-09-02 15:16:25 ----D---- C:\WINDOWS\system32
2010-09-02 15:16:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-02 15:15:30 ----D---- C:\WINDOWS\WinSxS
2010-09-02 14:55:27 ----SHD---- C:\WINDOWS\CSC
2010-09-02 14:55:26 ----D---- C:\WINDOWS
2010-09-02 13:28:43 ----D---- C:\WINDOWS\system32\cs-cz
2010-09-02 13:28:43 ----D---- C:\Program Files\Windows Desktop Search
2010-09-02 13:26:54 ----D---- C:\WINDOWS\security
2010-09-02 13:24:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-09-02 13:24:17 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-02 13:21:30 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-09-02 13:21:30 ----A---- C:\WINDOWS\imsins.BAK
2010-09-02 13:21:13 ----HD---- C:\WINDOWS\inf
2010-09-02 13:21:13 ----D---- C:\WINDOWS\system32\wbem
2010-09-02 13:20:03 ----A---- C:\WINDOWS\win.ini
2010-09-02 13:16:44 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-09-02 13:14:52 ----D---- C:\Program Files\AviSynth 2.5
2010-09-02 12:51:47 ----D---- C:\WINDOWS\system32\config
2010-09-02 12:25:11 ----RD---- C:\WINDOWS\Web
2010-09-02 12:23:55 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2010-09-02 12:22:52 ----D---- C:\WINDOWS\system32\CatRoot
2010-09-02 11:56:28 ----A---- C:\WINDOWS\NeroDigital.ini
2010-09-02 10:22:02 ----A---- C:\WINDOWS\WINCMD.INI
2010-09-01 13:11:05 ----D---- C:\AITEMP
2010-08-20 10:12:05 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-08-18 13:31:17 ----D---- C:\Program Files\Cherrysoft
2010-08-18 13:27:57 ----D---- C:\Program Files\Gabest
2010-08-18 13:26:42 ----D---- C:\WINDOWS\system32\inetsrv
2010-08-18 13:26:01 ----D---- C:\Program Files\Yahoo!
2010-08-18 13:18:38 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-08-18 13:16:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-08-18 13:15:41 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-18 13:09:07 ----D---- C:\Program Files\ICQToolbar
2010-08-18 13:07:02 ----A---- C:\WINDOWS\hpbj1000.ini
2010-08-18 13:06:56 ----D---- C:\Program Files\Hewlett-Packard
2010-08-18 13:04:55 ----D---- C:\Program Files\Microsoft ActiveSync
2010-08-18 13:00:28 ----A---- C:\Documents and Settings\Libor\Data aplikací\AutoGK.ini
2010-08-18 12:58:46 ----SD---- C:\WINDOWS\Tasks
2010-08-16 08:41:23 ----D---- C:\Program Files\Opera
2010-08-06 10:44:05 ----D---- C:\WINDOWS\system32\Restore
2010-07-30 11:25:49 ----D---- C:\Documents and Settings\Libor\Data aplikací\SolidDocuments
2010-07-26 14:20:23 ----A---- C:\WINDOWS\ConverterCore.INI
2010-07-20 10:28:53 ----D---- C:\Program Files\FormStudio
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-08-06 716272]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2006-11-10 31360]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2006-11-10 33792]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sK9Ou0s;sK9Ou0s; \??\C:\WINDOWS\system32\srosa2.sys []
R2 RACDriver;RAC driver; \??\C:\Program Files\PCNetSoftware\RAC Server\RACDriver.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2007-11-30 97216]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-11-27 539512]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-03-23 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-11-21 879624]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-06-29 156392]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-03-31 55352]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-11-27 74688]
R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2004-10-21 1275584]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2004-08-31 26240]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-04-01 3454656]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2004-06-03 20352]
R3 racmirror;racmirror; C:\WINDOWS\system32\DRIVERS\racmirror.sys [2008-03-25 32784]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-08-19 189568]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2006-11-10 102912]
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys []
S1 glaide32;glaide32; \??\C:\WINDOWS\system32\drivers\glaide32.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys []
S3 actser;actser; C:\WINDOWS\system32\drivers\actser.sys [2004-08-23 29440]
S3 azd9ggxa;azd9ggxa; C:\WINDOWS\system32\drivers\azd9ggxa.sys []
S3 azd9ggxa;azd9ggxa; C:\WINDOWS\system32\drivers\azd9ggxa.sys []
S3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
S3 HdAudAddService;Ovladač funkcí Microsoft UAA pro služby sběrnice High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 siusbmod;siusbmod; C:\WINDOWS\system32\DRIVERS\siusbmod.sys []
S3 SliceDisk5;SliceDisk5; \??\C:\DOCUME~1\Libor\LOCALS~1\Temp\FindAndMount\slicedisk.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S4 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S4 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys []
S4 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys []
S4 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-12-06 264800]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 Iprip;Naslouchání RIP; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2006-10-26 335872]
R2 MSSQL$SPZSQL2006;MSSQL$SPZSQL2006; C:\Program Files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlservr.exe [2002-12-17 7520337]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-04-01 127043]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool; C:\WINDOWS\Installer\MSID9.tmp [2010-05-13 189760]
R2 SimpTcp;Jednoduché služby TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-18 19456]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-12-11 654848]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-19 135664]
S2 PCNetSoftware RAC Server;PCNetSoftware RAC Server; C:\Program Files\PCNetSoftware\RAC Server\RACs.exe [2010-01-28 3745040]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2005-06-23 69632]
S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Cd2udr;Cd2udr; C:\WINDOWS\system32\drivers\ntfs.sys [2008-04-13 574976]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-16 182768]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$SPZSQL2006;SQLAgent$SPZSQL2006; C:\Program Files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2010-06-23 18752]
S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2010-06-23 138680]
S4 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
S4 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S4 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-11-10 859136]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Nelze spustit žádný antivir
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Nelze spustit žádný antivir
ComboFix nespouštějte bez doporučení rádce, může dojít k poškození systému!
Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu a přejmenujte ho na cokoliv.com.
Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu a přejmenujte ho na cokoliv.com.
- Spusťte, poté do spodního políčka vložte následující skript.
Kód: Vybrat vše
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT - Označte položku Pro všechny uživatele.
- Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Re: Nelze spustit žádný antivir
OTL logfile created on: 3.9.2010 8:23:24 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Libor\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,78 Gb Total Space | 11,62 Gb Free Space | 22,89% Space Free | Partition Type: NTFS
Drive D: | 98,27 Gb Total Space | 13,58 Gb Free Space | 13,82% Space Free | Partition Type: NTFS
Drive E: | 186,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 192,31 Gb Total Space | 173,90 Gb Free Space | 90,43% Space Free | Partition Type: NTFS
Computer Name: PRM
Current User Name: Libor
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.09.03 08:21:37 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\grr.com
PRC - [2010.08.09 15:27:06 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010.05.13 09:27:19 | 000,189,760 | ---- | M] (Solid Documents, LLC) -- C:\WINDOWS\Installer\MSID9.tmp
PRC - [2009.11.11 11:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.10.29 14:03:34 | 000,159,744 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
PRC - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.10.27 10:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.05.27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.13 00:56:18 | 012,829,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
PRC - [2007.12.11 16:36:09 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2007.12.06 14:39:12 | 001,440,384 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007.12.06 14:39:12 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006.11.13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006.11.13 13:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006.10.22 23:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2006.01.11 19:11:12 | 000,135,168 | ---- | M] (iAnywhere Solutions, Inc.) -- C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe
PRC - [2005.04.02 03:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
PRC - [2004.08.18 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe
PRC - [2004.06.03 01:51:28 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliType Pro\type32.exe
PRC - [2004.06.03 01:50:08 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\point32.exe
PRC - [2002.12.17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlservr.exe
PRC - [2002.12.06 16:07:48 | 000,617,984 | ---- | M] () -- C:\Program Files\ASUS\Probe\AsusProb.exe
========== Modules (SafeList) ==========
MOD - [2010.09.03 08:21:37 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\grr.com
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007.12.06 11:54:44 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.09.03 08:23:28 | 000,352,920 | ---- | M] (ALWIL Software) [Disabled | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2010.09.03 08:23:28 | 000,254,040 | ---- | M] (ALWIL Software) [Disabled | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2010.09.03 08:23:28 | 000,138,680 | ---- | M] (ALWIL Software) [Disabled | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2010.09.03 08:23:27 | 000,018,752 | ---- | M] (ALWIL Software) [Disabled | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2010.05.13 09:27:19 | 000,189,760 | ---- | M] (Solid Documents, LLC) [Auto | Running] -- C:\WINDOWS\Installer\MSID9.tmp -- (SCPDFReadSpool)
SRV - [2010.01.28 13:04:25 | 003,745,040 | ---- | M] (Miloslav Novotny N+P) [Auto | Stopped] -- C:\Program Files\PCNetSoftware\RAC Server\RACs.exe -- (PCNetSoftware RAC Server)
SRV - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.05.27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008.11.24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.04.14 05:21:44 | 000,035,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2007.12.11 16:36:09 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.03.20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006.11.10 17:18:42 | 000,859,136 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2006.11.03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005.04.02 03:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe -- (StarWindService)
SRV - [2004.08.18 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)
SRV - [2002.12.17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlservr.exe -- (MSSQL$SPZSQL2006)
SRV - [2002.12.17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlagent.EXE -- (SQLAgent$SPZSQL2006)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\siusbmod.sys -- (siusbmod)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\glaide32.sys -- (glaide32)
DRV - File not found [File_System | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.03 08:01:46 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\srosa2.sys -- (sK9Ou0s)
DRV - [2010.01.28 13:04:25 | 000,008,208 | ---- | M] (Miloslav Novotný N+P) [Kernel | Auto | Running] -- C:\Program Files\PCNetSoftware\RAC Server\RACDriver.sys -- (RACDriver)
DRV - [2009.10.06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.10.06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.10.06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.06 11:33:35 | 000,716,272 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.03 19:07:34 | 000,010,240 | ---- | M] (Atola) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Libor\Local Settings\Temp\FindAndMount\slicedisk.sys -- (SliceDisk5)
DRV - [2008.03.25 10:14:56 | 000,032,784 | ---- | M] (Miloslav Novotny N+P) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\racmirror.sys -- (racmirror)
DRV - [2007.11.30 17:23:02 | 000,097,216 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2007.11.27 16:40:40 | 000,539,512 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007.11.27 16:40:38 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.11.21 11:51:30 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.08.07 21:48:33 | 000,025,160 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2007.06.29 12:38:30 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.03.31 13:02:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007.03.23 10:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006.11.10 17:17:50 | 000,033,792 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2006.11.10 17:16:34 | 000,031,360 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2006.11.10 17:15:44 | 000,102,912 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005.04.12 10:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2005.04.01 16:16:00 | 003,454,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004.10.21 12:56:08 | 001,275,584 | R--- | M] (C-Media Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmudax.sys -- (cmudax)
DRV - [2004.08.31 20:07:08 | 000,026,240 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004.08.23 13:55:54 | 000,029,440 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\actser.sys -- (actser)
DRV - [2004.08.19 07:21:00 | 000,189,568 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.03.17 16:10:40 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [1997.04.22 10:16:00 | 000,006,272 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ASLM75.SYS -- (aslm75)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O1 HOSTS File: ([2010.06.08 08:19:15 | 000,404,301 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 13985 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe ()
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\point32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [type32] C:\Program Files\Microsoft IntelliType Pro\type32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004..\Run: [DBISQL9] C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe (iAnywhere Solutions, Inc.)
O4 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004..\Run: [SybaseCentral43] C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe (Info soft)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 02 00 00 00 [binary data]
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} https://www.microsoft.com/resources/vir ... lient1.cab (Microsoft Virtual Server VMRC Advanced Control)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} http://fotky.fujifilm.cz/fotoalbum/auri ... oader4.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\RACServerLogon: DllName - RACServerLogon2.dll - C:\WINDOWS\System32\RACServerLogon2.dll (Miloslav Novotny N+P)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Libor\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Libor\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\taskmgr.exe: Debugger - "E:\HBCD\WINTOOLS\PROCEXP.EXE" (Sysinternals - www.sysinternals.com)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.06.21 15:31:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.08.29 22:59:46 | 000,000,199 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{16049615-8348-11df-87b5-001e0a0002e3}\Shell\AutoRun\command - "" = F:\setup.exe -- File not found
O33 - MountPoints2\{380f6eb0-0b2c-11df-874f-001e0a0002e3}\Shell - "" = AutoRun
O33 - MountPoints2\{380f6eb0-0b2c-11df-874f-001e0a0002e3}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{8349d35a-1b16-11dc-8454-8000600fe800}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O33 - MountPoints2\{e921bbbb-0a4b-11df-874d-001e0a0002e3}\Shell\AutoRun\command - "" = F:\SamsungSoftware\APPInst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)
========== Files/Folders - Created Within 30 Days ==========
[2010.09.03 08:21:37 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\grr.com
[2010.09.02 16:12:27 | 001,210,704 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Libor\Plocha\tdsskiller.exe
[2010.09.02 16:08:08 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.02 16:08:07 | 000,000,000 | ---D | C] -- C:\rsit
[2010.09.02 15:32:14 | 012,049,864 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Libor\Plocha\windows-kb890830-v3.10.exe
[2010.09.02 14:53:14 | 000,000,000 | ---D | C] -- C:\46c1a25689023fa07eea470afddf51
[2010.09.02 13:24:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\simptcp.dll
[2010.09.02 13:24:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010.09.02 12:22:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010.09.02 12:20:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010.09.02 12:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.09.02 11:42:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\SUPERAntiSpyware.com
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.09.03 08:28:55 | 002,933,823 | ---- | M] () -- C:\Documents and Settings\Libor\Plocha\ComboFix.exe
[2010.09.03 08:28:00 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010.09.03 08:21:37 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\grr.com
[2010.09.03 08:12:01 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.03 08:02:20 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{19855D51-09FF-4CC1-815C-34C0775FB6A5}.job
[2010.09.03 08:01:46 | 000,007,168 | ---- | M] () -- C:\WINDOWS\System32\srosa2.sys
[2010.09.03 08:00:28 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk
[2010.09.03 08:00:18 | 000,021,961 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.09.03 07:59:58 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.03 07:59:43 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010.09.03 07:59:39 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.03 07:59:35 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010.09.03 07:59:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.03 07:59:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.02 17:13:29 | 015,990,784 | ---- | M] () -- C:\Documents and Settings\Libor\NTUSER.DAT
[2010.09.02 17:13:29 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Libor\ntuser.ini
[2010.09.02 16:13:01 | 001,210,704 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Libor\Plocha\tdsskiller.exe
[2010.09.02 15:39:10 | 000,724,952 | ---- | M] () -- C:\Documents and Settings\Libor\Plocha\avenger.zip
[2010.09.02 15:32:26 | 012,049,864 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Libor\Plocha\windows-kb890830-v3.10.exe
[2010.09.02 15:16:25 | 001,296,424 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.09.02 15:16:25 | 000,545,414 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.09.02 15:16:25 | 000,542,280 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.09.02 15:16:25 | 000,121,342 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.09.02 15:16:25 | 000,109,492 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.09.02 13:26:39 | 028,682,820 | -H-- | M] () -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\IconCache.db
[2010.09.02 13:21:30 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.02 13:20:03 | 000,001,168 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.09.02 12:53:07 | 015,990,784 | -H-- | M] () -- C:\Documents and Settings\Libor\NTUSER.bak
[2010.09.02 12:23:39 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.09.02 12:23:39 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.09.02 12:00:03 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.09.02 11:56:28 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.09.02 10:22:02 | 000,002,850 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010.09.01 12:59:14 | 000,102,683 | ---- | M] () -- C:\Documents and Settings\Libor\Dokumenty\potvrzena_objednavka.pdf
[2010.08.27 16:01:26 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Libor\Dokumenty\Rozpis Tenis 2010.xls
[2010.08.26 14:22:39 | 000,102,348 | ---- | M] () -- C:\Documents and Settings\Libor\Dokumenty\objednavka_.pdf
[2010.08.24 13:06:05 | 000,133,157 | ---- | M] () -- C:\Documents and Settings\Libor\Dokumenty\faktura.pdf
[2010.08.20 10:12:05 | 000,001,939 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010.08.20 09:48:04 | 000,099,476 | ---- | M] () -- C:\Documents and Settings\Libor\Dokumenty\nabidka.pdf
[2010.08.19 10:26:38 | 000,037,014 | ---- | M] () -- C:\Documents and Settings\Libor\Dokumenty\prehled_fv_dle_firem.pdf
[2010.08.18 13:07:02 | 000,098,048 | ---- | M] () -- C:\WINDOWS\hpbj1000.his
[2010.08.18 13:07:02 | 000,006,832 | ---- | M] () -- C:\WINDOWS\hpbj1000.ini
[2010.08.18 13:00:28 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\Libor\Data aplikací\AutoGK.ini
[2010.08.16 08:41:33 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.09.02 16:20:30 | 002,933,823 | ---- | C] () -- C:\Documents and Settings\Libor\Plocha\ComboFix.exe
[2010.09.02 15:39:09 | 000,724,952 | ---- | C] () -- C:\Documents and Settings\Libor\Plocha\avenger.zip
[2010.09.02 12:52:49 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Libor\NTUSER.tmp.LOG
[2010.09.01 12:59:14 | 000,102,683 | ---- | C] () -- C:\Documents and Settings\Libor\Dokumenty\potvrzena_objednavka.pdf
[2010.08.26 14:22:39 | 000,102,348 | ---- | C] () -- C:\Documents and Settings\Libor\Dokumenty\objednavka_.pdf
[2010.08.24 13:06:05 | 000,133,157 | ---- | C] () -- C:\Documents and Settings\Libor\Dokumenty\faktura.pdf
[2010.08.20 09:48:04 | 000,099,476 | ---- | C] () -- C:\Documents and Settings\Libor\Dokumenty\nabidka.pdf
[2010.08.19 10:26:38 | 000,037,014 | ---- | C] () -- C:\Documents and Settings\Libor\Dokumenty\prehled_fv_dle_firem.pdf
[2010.06.14 10:54:37 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\srosa2.sys
[2010.05.13 09:32:11 | 000,000,116 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2010.05.13 09:27:22 | 000,027,456 | ---- | C] () -- C:\WINDOWS\System32\solidlocalmon.dll
[2010.05.13 09:27:22 | 000,018,752 | ---- | C] () -- C:\WINDOWS\System32\solidlocalui.dll
[2010.01.18 12:57:15 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\keyfile3.drm
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.07.02 12:40:02 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\fusioncache.dat
[2009.06.10 14:26:38 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\wiaserva.log
[2009.04.06 09:00:42 | 000,038,422 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\Hodnoty oddělené čárkami (DOS).ADR
[2009.03.18 14:55:42 | 000,000,094 | ---- | C] () -- C:\WINDOWS\winin.ini
[2008.08.06 11:33:34 | 000,716,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.04.07 18:43:39 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007.12.06 11:55:12 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.08.10 10:19:08 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.07.04 15:46:09 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\NetworkService\Data aplikací\$_hpcst$.hpc
[2007.04.03 15:56:10 | 000,000,098 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2007.01.11 12:28:16 | 000,000,020 | ---- | C] () -- C:\WINDOWS\level.ini
[2007.01.02 10:48:14 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.10.05 13:53:15 | 000,027,193 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\Osobní adresář.ADR
[2006.09.26 13:04:49 | 000,000,391 | R--- | C] () -- C:\WINDOWS\hpw1000k.ini
[2006.09.26 13:01:55 | 000,000,103 | ---- | C] () -- C:\WINDOWS\System32\hptrace.ini
[2006.09.26 13:00:22 | 000,006,832 | ---- | C] () -- C:\WINDOWS\hpbj1000.ini
[2006.08.22 09:53:39 | 000,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2006.04.24 10:52:11 | 000,000,038 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006.04.13 16:54:35 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\$_hpcst$.hpc
[2006.04.06 15:59:23 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2006.03.02 16:58:43 | 000,046,592 | ---- | C] () -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.01.30 10:00:00 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL
[2006.01.11 19:09:24 | 000,027,327 | ---- | C] () -- C:\WINDOWS\wmi.ini
[2005.12.26 18:16:59 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2005.12.25 12:29:00 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\AutoGK.ini
[2005.12.01 09:52:59 | 000,001,454 | ---- | C] () -- C:\WINDOWS\emailer.ini
[2005.12.01 09:52:55 | 000,001,085 | ---- | C] () -- C:\WINDOWS\uidemlr.dll
[2005.09.24 16:27:41 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.09.15 11:38:44 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005.08.03 11:20:15 | 000,001,064 | ---- | C] () -- C:\WINDOWS\pae.ini
[2005.07.14 16:55:27 | 000,038,447 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\Microsoft Access.ADR
[2005.07.14 16:44:54 | 000,038,426 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\Hodnoty oddělené čárkami (Windows).ADR
[2005.06.30 11:35:07 | 000,000,613 | ---- | C] () -- C:\WINDOWS\if40le.ini
[2005.06.30 11:35:06 | 000,000,105 | ---- | C] () -- C:\WINDOWS\SCNDRVU.INI
[2005.06.30 11:34:54 | 000,003,044 | ---- | C] () -- C:\WINDOWS\If42le.ini
[2005.06.30 11:34:53 | 000,000,297 | ---- | C] () -- C:\WINDOWS\PEXPLORE.INI
[2005.06.30 11:34:51 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2005.06.30 11:34:44 | 000,000,403 | ---- | C] () -- C:\WINDOWS\umxaddin.ini
[2005.06.30 11:33:40 | 000,049,152 | R--- | C] () -- C:\WINDOWS\AutoSet.dll
[2005.06.28 14:27:03 | 000,001,939 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2005.06.28 14:24:46 | 000,002,850 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2005.06.24 09:53:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATMSTUB.INI
[2005.06.23 15:54:32 | 000,001,264 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.06.23 15:47:59 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
[2005.06.23 15:38:01 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2005.06.22 14:12:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.06.22 09:57:48 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2005.06.22 09:56:26 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2005.06.22 09:56:26 | 000,005,696 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2005.06.22 09:56:22 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2005.06.21 17:16:41 | 000,001,216 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.04.01 16:16:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005.02.17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001.07.31 10:17:12 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[1998.06.10 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL
========== LOP Check ==========
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Libor\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,78 Gb Total Space | 11,62 Gb Free Space | 22,89% Space Free | Partition Type: NTFS
Drive D: | 98,27 Gb Total Space | 13,58 Gb Free Space | 13,82% Space Free | Partition Type: NTFS
Drive E: | 186,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 192,31 Gb Total Space | 173,90 Gb Free Space | 90,43% Space Free | Partition Type: NTFS
Computer Name: PRM
Current User Name: Libor
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.09.03 08:21:37 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\grr.com
PRC - [2010.08.09 15:27:06 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010.05.13 09:27:19 | 000,189,760 | ---- | M] (Solid Documents, LLC) -- C:\WINDOWS\Installer\MSID9.tmp
PRC - [2009.11.11 11:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.10.29 14:03:34 | 000,159,744 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
PRC - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.10.27 10:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.05.27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.13 00:56:18 | 012,829,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
PRC - [2007.12.11 16:36:09 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2007.12.06 14:39:12 | 001,440,384 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007.12.06 14:39:12 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006.11.13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006.11.13 13:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006.10.22 23:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2006.01.11 19:11:12 | 000,135,168 | ---- | M] (iAnywhere Solutions, Inc.) -- C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe
PRC - [2005.04.02 03:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
PRC - [2004.08.18 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe
PRC - [2004.06.03 01:51:28 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliType Pro\type32.exe
PRC - [2004.06.03 01:50:08 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\point32.exe
PRC - [2002.12.17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlservr.exe
PRC - [2002.12.06 16:07:48 | 000,617,984 | ---- | M] () -- C:\Program Files\ASUS\Probe\AsusProb.exe
========== Modules (SafeList) ==========
MOD - [2010.09.03 08:21:37 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\grr.com
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007.12.06 11:54:44 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.09.03 08:23:28 | 000,352,920 | ---- | M] (ALWIL Software) [Disabled | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2010.09.03 08:23:28 | 000,254,040 | ---- | M] (ALWIL Software) [Disabled | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2010.09.03 08:23:28 | 000,138,680 | ---- | M] (ALWIL Software) [Disabled | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2010.09.03 08:23:27 | 000,018,752 | ---- | M] (ALWIL Software) [Disabled | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2010.05.13 09:27:19 | 000,189,760 | ---- | M] (Solid Documents, LLC) [Auto | Running] -- C:\WINDOWS\Installer\MSID9.tmp -- (SCPDFReadSpool)
SRV - [2010.01.28 13:04:25 | 003,745,040 | ---- | M] (Miloslav Novotny N+P) [Auto | Stopped] -- C:\Program Files\PCNetSoftware\RAC Server\RACs.exe -- (PCNetSoftware RAC Server)
SRV - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.05.27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008.11.24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.04.14 05:21:44 | 000,035,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2007.12.11 16:36:09 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.03.20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006.11.10 17:18:42 | 000,859,136 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2006.11.03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005.04.02 03:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe -- (StarWindService)
SRV - [2004.08.18 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)
SRV - [2002.12.17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlservr.exe -- (MSSQL$SPZSQL2006)
SRV - [2002.12.17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlagent.EXE -- (SQLAgent$SPZSQL2006)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\siusbmod.sys -- (siusbmod)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\glaide32.sys -- (glaide32)
DRV - File not found [File_System | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.03 08:01:46 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\srosa2.sys -- (sK9Ou0s)
DRV - [2010.01.28 13:04:25 | 000,008,208 | ---- | M] (Miloslav Novotný N+P) [Kernel | Auto | Running] -- C:\Program Files\PCNetSoftware\RAC Server\RACDriver.sys -- (RACDriver)
DRV - [2009.10.06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.10.06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.10.06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.06 11:33:35 | 000,716,272 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.03 19:07:34 | 000,010,240 | ---- | M] (Atola) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Libor\Local Settings\Temp\FindAndMount\slicedisk.sys -- (SliceDisk5)
DRV - [2008.03.25 10:14:56 | 000,032,784 | ---- | M] (Miloslav Novotny N+P) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\racmirror.sys -- (racmirror)
DRV - [2007.11.30 17:23:02 | 000,097,216 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2007.11.27 16:40:40 | 000,539,512 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007.11.27 16:40:38 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.11.21 11:51:30 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.08.07 21:48:33 | 000,025,160 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2007.06.29 12:38:30 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.03.31 13:02:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007.03.23 10:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006.11.10 17:17:50 | 000,033,792 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2006.11.10 17:16:34 | 000,031,360 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2006.11.10 17:15:44 | 000,102,912 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005.04.12 10:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2005.04.01 16:16:00 | 003,454,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004.10.21 12:56:08 | 001,275,584 | R--- | M] (C-Media Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmudax.sys -- (cmudax)
DRV - [2004.08.31 20:07:08 | 000,026,240 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004.08.23 13:55:54 | 000,029,440 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\actser.sys -- (actser)
DRV - [2004.08.19 07:21:00 | 000,189,568 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.03.17 16:10:40 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [1997.04.22 10:16:00 | 000,006,272 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ASLM75.SYS -- (aslm75)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O1 HOSTS File: ([2010.06.08 08:19:15 | 000,404,301 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 13985 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe ()
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\point32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [type32] C:\Program Files\Microsoft IntelliType Pro\type32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004..\Run: [DBISQL9] C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe (iAnywhere Solutions, Inc.)
O4 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004..\Run: [SybaseCentral43] C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe (Info soft)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3315528086-514123159-2874609403-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 02 00 00 00 [binary data]
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} https://www.microsoft.com/resources/vir ... lient1.cab (Microsoft Virtual Server VMRC Advanced Control)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} http://fotky.fujifilm.cz/fotoalbum/auri ... oader4.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\RACServerLogon: DllName - RACServerLogon2.dll - C:\WINDOWS\System32\RACServerLogon2.dll (Miloslav Novotny N+P)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Libor\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Libor\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\taskmgr.exe: Debugger - "E:\HBCD\WINTOOLS\PROCEXP.EXE" (Sysinternals - www.sysinternals.com)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.06.21 15:31:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.08.29 22:59:46 | 000,000,199 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{16049615-8348-11df-87b5-001e0a0002e3}\Shell\AutoRun\command - "" = F:\setup.exe -- File not found
O33 - MountPoints2\{380f6eb0-0b2c-11df-874f-001e0a0002e3}\Shell - "" = AutoRun
O33 - MountPoints2\{380f6eb0-0b2c-11df-874f-001e0a0002e3}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{8349d35a-1b16-11dc-8454-8000600fe800}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O33 - MountPoints2\{e921bbbb-0a4b-11df-874d-001e0a0002e3}\Shell\AutoRun\command - "" = F:\SamsungSoftware\APPInst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)
========== Files/Folders - Created Within 30 Days ==========
[2010.09.03 08:21:37 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\grr.com
[2010.09.02 16:12:27 | 001,210,704 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Libor\Plocha\tdsskiller.exe
[2010.09.02 16:08:08 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.02 16:08:07 | 000,000,000 | ---D | C] -- C:\rsit
[2010.09.02 15:32:14 | 012,049,864 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Libor\Plocha\windows-kb890830-v3.10.exe
[2010.09.02 14:53:14 | 000,000,000 | ---D | C] -- C:\46c1a25689023fa07eea470afddf51
[2010.09.02 13:24:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\simptcp.dll
[2010.09.02 13:24:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010.09.02 12:22:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010.09.02 12:20:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010.09.02 12:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.09.02 11:42:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Libor\Data aplikací\SUPERAntiSpyware.com
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.09.03 08:28:55 | 002,933,823 | ---- | M] () -- C:\Documents and Settings\Libor\Plocha\ComboFix.exe
[2010.09.03 08:28:00 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010.09.03 08:21:37 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Libor\Plocha\grr.com
[2010.09.03 08:12:01 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.03 08:02:20 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{19855D51-09FF-4CC1-815C-34C0775FB6A5}.job
[2010.09.03 08:01:46 | 000,007,168 | ---- | M] () -- C:\WINDOWS\System32\srosa2.sys
[2010.09.03 08:00:28 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk
[2010.09.03 08:00:18 | 000,021,961 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.09.03 07:59:58 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.03 07:59:43 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010.09.03 07:59:39 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.03 07:59:35 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010.09.03 07:59:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.03 07:59:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.02 17:13:29 | 015,990,784 | ---- | M] () -- C:\Documents and Settings\Libor\NTUSER.DAT
[2010.09.02 17:13:29 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Libor\ntuser.ini
[2010.09.02 16:13:01 | 001,210,704 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Libor\Plocha\tdsskiller.exe
[2010.09.02 15:39:10 | 000,724,952 | ---- | M] () -- C:\Documents and Settings\Libor\Plocha\avenger.zip
[2010.09.02 15:32:26 | 012,049,864 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Libor\Plocha\windows-kb890830-v3.10.exe
[2010.09.02 15:16:25 | 001,296,424 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.09.02 15:16:25 | 000,545,414 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.09.02 15:16:25 | 000,542,280 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.09.02 15:16:25 | 000,121,342 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.09.02 15:16:25 | 000,109,492 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.09.02 13:26:39 | 028,682,820 | -H-- | M] () -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\IconCache.db
[2010.09.02 13:21:30 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.02 13:20:03 | 000,001,168 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.09.02 12:53:07 | 015,990,784 | -H-- | M] () -- C:\Documents and Settings\Libor\NTUSER.bak
[2010.09.02 12:23:39 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.09.02 12:23:39 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.09.02 12:00:03 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.09.02 11:56:28 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.09.02 10:22:02 | 000,002,850 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2010.09.01 12:59:14 | 000,102,683 | ---- | M] () -- C:\Documents and Settings\Libor\Dokumenty\potvrzena_objednavka.pdf
[2010.08.27 16:01:26 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Libor\Dokumenty\Rozpis Tenis 2010.xls
[2010.08.26 14:22:39 | 000,102,348 | ---- | M] () -- C:\Documents and Settings\Libor\Dokumenty\objednavka_.pdf
[2010.08.24 13:06:05 | 000,133,157 | ---- | M] () -- C:\Documents and Settings\Libor\Dokumenty\faktura.pdf
[2010.08.20 10:12:05 | 000,001,939 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010.08.20 09:48:04 | 000,099,476 | ---- | M] () -- C:\Documents and Settings\Libor\Dokumenty\nabidka.pdf
[2010.08.19 10:26:38 | 000,037,014 | ---- | M] () -- C:\Documents and Settings\Libor\Dokumenty\prehled_fv_dle_firem.pdf
[2010.08.18 13:07:02 | 000,098,048 | ---- | M] () -- C:\WINDOWS\hpbj1000.his
[2010.08.18 13:07:02 | 000,006,832 | ---- | M] () -- C:\WINDOWS\hpbj1000.ini
[2010.08.18 13:00:28 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\Libor\Data aplikací\AutoGK.ini
[2010.08.16 08:41:33 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.09.02 16:20:30 | 002,933,823 | ---- | C] () -- C:\Documents and Settings\Libor\Plocha\ComboFix.exe
[2010.09.02 15:39:09 | 000,724,952 | ---- | C] () -- C:\Documents and Settings\Libor\Plocha\avenger.zip
[2010.09.02 12:52:49 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Libor\NTUSER.tmp.LOG
[2010.09.01 12:59:14 | 000,102,683 | ---- | C] () -- C:\Documents and Settings\Libor\Dokumenty\potvrzena_objednavka.pdf
[2010.08.26 14:22:39 | 000,102,348 | ---- | C] () -- C:\Documents and Settings\Libor\Dokumenty\objednavka_.pdf
[2010.08.24 13:06:05 | 000,133,157 | ---- | C] () -- C:\Documents and Settings\Libor\Dokumenty\faktura.pdf
[2010.08.20 09:48:04 | 000,099,476 | ---- | C] () -- C:\Documents and Settings\Libor\Dokumenty\nabidka.pdf
[2010.08.19 10:26:38 | 000,037,014 | ---- | C] () -- C:\Documents and Settings\Libor\Dokumenty\prehled_fv_dle_firem.pdf
[2010.06.14 10:54:37 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\srosa2.sys
[2010.05.13 09:32:11 | 000,000,116 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2010.05.13 09:27:22 | 000,027,456 | ---- | C] () -- C:\WINDOWS\System32\solidlocalmon.dll
[2010.05.13 09:27:22 | 000,018,752 | ---- | C] () -- C:\WINDOWS\System32\solidlocalui.dll
[2010.01.18 12:57:15 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\keyfile3.drm
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.07.02 12:40:02 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\fusioncache.dat
[2009.06.10 14:26:38 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\wiaserva.log
[2009.04.06 09:00:42 | 000,038,422 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\Hodnoty oddělené čárkami (DOS).ADR
[2009.03.18 14:55:42 | 000,000,094 | ---- | C] () -- C:\WINDOWS\winin.ini
[2008.08.06 11:33:34 | 000,716,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.04.07 18:43:39 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007.12.06 11:55:12 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.08.10 10:19:08 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.07.04 15:46:09 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\NetworkService\Data aplikací\$_hpcst$.hpc
[2007.04.03 15:56:10 | 000,000,098 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2007.01.11 12:28:16 | 000,000,020 | ---- | C] () -- C:\WINDOWS\level.ini
[2007.01.02 10:48:14 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.10.05 13:53:15 | 000,027,193 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\Osobní adresář.ADR
[2006.09.26 13:04:49 | 000,000,391 | R--- | C] () -- C:\WINDOWS\hpw1000k.ini
[2006.09.26 13:01:55 | 000,000,103 | ---- | C] () -- C:\WINDOWS\System32\hptrace.ini
[2006.09.26 13:00:22 | 000,006,832 | ---- | C] () -- C:\WINDOWS\hpbj1000.ini
[2006.08.22 09:53:39 | 000,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2006.04.24 10:52:11 | 000,000,038 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006.04.13 16:54:35 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\$_hpcst$.hpc
[2006.04.06 15:59:23 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2006.03.02 16:58:43 | 000,046,592 | ---- | C] () -- C:\Documents and Settings\Libor\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.01.30 10:00:00 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL
[2006.01.11 19:09:24 | 000,027,327 | ---- | C] () -- C:\WINDOWS\wmi.ini
[2005.12.26 18:16:59 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2005.12.25 12:29:00 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\AutoGK.ini
[2005.12.01 09:52:59 | 000,001,454 | ---- | C] () -- C:\WINDOWS\emailer.ini
[2005.12.01 09:52:55 | 000,001,085 | ---- | C] () -- C:\WINDOWS\uidemlr.dll
[2005.09.24 16:27:41 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.09.15 11:38:44 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005.08.03 11:20:15 | 000,001,064 | ---- | C] () -- C:\WINDOWS\pae.ini
[2005.07.14 16:55:27 | 000,038,447 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\Microsoft Access.ADR
[2005.07.14 16:44:54 | 000,038,426 | ---- | C] () -- C:\Documents and Settings\Libor\Data aplikací\Hodnoty oddělené čárkami (Windows).ADR
[2005.06.30 11:35:07 | 000,000,613 | ---- | C] () -- C:\WINDOWS\if40le.ini
[2005.06.30 11:35:06 | 000,000,105 | ---- | C] () -- C:\WINDOWS\SCNDRVU.INI
[2005.06.30 11:34:54 | 000,003,044 | ---- | C] () -- C:\WINDOWS\If42le.ini
[2005.06.30 11:34:53 | 000,000,297 | ---- | C] () -- C:\WINDOWS\PEXPLORE.INI
[2005.06.30 11:34:51 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2005.06.30 11:34:44 | 000,000,403 | ---- | C] () -- C:\WINDOWS\umxaddin.ini
[2005.06.30 11:33:40 | 000,049,152 | R--- | C] () -- C:\WINDOWS\AutoSet.dll
[2005.06.28 14:27:03 | 000,001,939 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2005.06.28 14:24:46 | 000,002,850 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2005.06.24 09:53:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATMSTUB.INI
[2005.06.23 15:54:32 | 000,001,264 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.06.23 15:47:59 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
[2005.06.23 15:38:01 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2005.06.22 14:12:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.06.22 09:57:48 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2005.06.22 09:56:26 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2005.06.22 09:56:26 | 000,005,696 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2005.06.22 09:56:22 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2005.06.21 17:16:41 | 000,001,216 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.04.01 16:16:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005.02.17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001.07.31 10:17:12 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[1998.06.10 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL
========== LOP Check ==========
Re: Nelze spustit žádný antivir
[2009.03.20 10:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ESET
[2009.03.20 10:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2005.06.30 09:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AddAce
[2008.10.16 13:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\America's Army Deploy Client
[2007.04.03 15:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Elaborate Bytes
[2008.02.29 12:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2006.04.13 09:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GoldWaveCDDB
[2010.01.22 14:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.04.06 12:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2006.04.13 08:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OLYMPUS
[2007.09.04 11:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2007.12.07 10:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SlySoft
[2010.05.13 09:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SolidDocuments
[2009.11.24 12:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sync App Settings
[2010.09.02 12:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2005.06.30 09:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\AddAce
[2010.06.14 10:52:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Libor\Data aplikací\drivers
[2006.01.18 10:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\DSDevelopment
[2008.02.29 12:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ESET
[2010.01.13 09:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\GlarySoft
[2010.06.29 08:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ICQ
[2007.09.03 18:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ICQ Toolbar
[2006.03.28 09:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ICQLite
[2008.12.04 09:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Jpeg Resampler
[2010.06.14 11:15:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Libor\Data aplikací\m
[2009.01.14 10:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Nokia
[2008.09.01 14:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Opera
[2009.04.06 08:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\PC Suite
[2010.07.30 11:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\SolidDocuments
[2007.02.19 15:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\URSoft
[2010.04.06 12:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\VitySoft
[2009.11.12 10:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Windows Search
[2008.04.10 10:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\XCPCSync.OEM
[2005.06.23 17:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\XnView
[2007.10.17 11:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Zoner
[2009.11.24 12:51:35 | 000,000,324 | ---- | M] () -- C:\WINDOWS\Tasks\Allway Sync_{42134B6F16ADE5852D1E0732DA7D7A90}.job
[2010.09.03 07:59:43 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2010.09.02 12:00:03 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010.09.03 07:59:35 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2010.09.03 08:02:20 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{19855D51-09FF-4CC1-815C-34C0775FB6A5}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SybaseCentral43" = "C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe" -preload -- [2005.02.04 06:08:00 | 001,046,016 | ---- | M] (Info soft)
"DBISQL9" = "C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe" -preload -- [2006.01.11 19:11:12 | 000,135,168 | ---- | M] (iAnywhere Solutions, Inc.)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -- [2006.11.13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.11.11 11:57:36 | 001,451,520 | ---- | M] (Nokia)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
< %ALLUSERSPROFILE%\Application Data\*. >
[2009.10.05 09:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2005.06.30 09:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\AddAce
[2010.05.04 15:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Adobe
[2005.06.24 09:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\AdobeAUM
[2007.01.22 09:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\AdobeUM
[2007.01.09 13:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Ahead
[2008.07.02 16:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Arcsoft
[2010.06.14 10:52:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Libor\Data aplikací\drivers
[2006.01.18 10:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\DSDevelopment
[2008.02.29 12:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ESET
[2010.01.13 09:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\GlarySoft
[2008.06.10 09:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Google
[2005.06.23 12:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Help
[2010.06.29 08:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ICQ
[2007.09.03 18:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ICQ Toolbar
[2006.03.28 09:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ICQLite
[2005.06.21 15:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Identities
[2007.08.13 16:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\InstallShield
[2008.12.04 09:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Jpeg Resampler
[2007.03.01 16:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Lavasoft
[2010.06.14 11:15:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Libor\Data aplikací\m
[2005.06.24 12:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Macromedia
[2009.12.21 12:09:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Libor\Data aplikací\Microsoft
[2009.01.14 10:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Nokia
[2008.09.01 14:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Opera
[2009.04.06 08:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\PC Suite
[2010.05.13 17:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Skype
[2010.07.30 11:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\SolidDocuments
[2008.09.01 14:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Sun
[2010.09.02 16:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\SUPERAntiSpyware.com
[2010.01.27 12:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\U3
[2007.02.19 15:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\URSoft
[2010.04.06 12:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\VitySoft
[2009.11.12 10:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Windows Search
[2010.04.13 17:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\WinRAR
[2008.04.10 10:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\XCPCSync.OEM
[2005.06.23 17:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\XnView
[2007.10.17 11:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
[2005.02.04 06:08:00 | 001,046,016 | ---- | M] (Info soft) -- C:\Documents and Settings\Libor\Data aplikací\drivers\winupgro.exe
[2010.09.03 08:02:00 | 001,377,284 | ---- | M] () -- C:\Documents and Settings\Libor\Data aplikací\m\flec006.exe
[2009.09.08 10:52:02 | 000,012,286 | R--- | M] () -- C:\Documents and Settings\Libor\Data aplikací\Microsoft\Installer\{F65AFC76-FE1B-4991-A3CF-FA172450A2A5}\ARPPRODUCTICON.exe
[2009.09.08 10:52:02 | 000,053,248 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Libor\Data aplikací\Microsoft\Installer\{F65AFC76-FE1B-4991-A3CF-FA172450A2A5}\NewShortcut1_F0275E0E560C48EC9C00AAA081D9B060.exe
[2009.09.08 10:52:02 | 000,002,238 | R--- | M] () -- C:\Documents and Settings\Libor\Data aplikací\Microsoft\Installer\{F65AFC76-FE1B-4991-A3CF-FA172450A2A5}\NewShortcut2_F9EC847C405449A09490328CB57F8BEC.exe
File not found -- C:\Documents and Settings\Libor\Data aplikací\U3\temp\cleanup.exe
[2008.05.02 11:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Libor\Data aplikací\U3\temp\Launchpad Removal.exe
< MD5 for: AGP440.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.18 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\atapi.sys
< MD5 for: CDROM.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.18 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.18 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.18 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.18 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.18 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2006.01.13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006.01.13 04:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2005.05.25 21:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2005.05.25 21:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.18 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.08.06 11:33:35 | 000,716,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2005.06.21 17:21:43 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005.06.21 17:21:43 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005.06.21 17:21:43 | 000,458,752 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.09.02 12:23:39 | 000,016,832 | ---- | M] () -- C:\WINDOWS\system32\amcompat.tlb
[2010.09.02 12:23:39 | 000,023,392 | ---- | M] () -- C:\WINDOWS\system32\nscompat.tlb
[2010.09.03 08:00:18 | 000,021,961 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.09.02 15:16:25 | 000,121,342 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2010.09.02 15:16:25 | 000,109,492 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.09.02 15:16:25 | 000,542,280 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2010.09.02 15:16:25 | 000,545,414 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.09.02 15:16:25 | 001,296,424 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.09.03 08:01:46 | 000,007,168 | ---- | M] () -- C:\WINDOWS\system32\srosa2.sys
[2010.09.03 07:59:58 | 000,012,598 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
========== Files - Unicode (All) ==========
[2009.04.08 13:10:40 | 000,000,000 | ---D | M](C:\Documents and Settings\Libor\Data aplikac?) -- C:\Documents and Settings\Libor\Data aplikac�
[2006.08.02 11:54:16 | 000,000,000 | ---D | M](C:\Documents and Settings\Libor\Data aplikac?acromedia) -- C:\Documents and Settings\Libor\Data aplikac�acromedia
(C:\Documents and Settings\Libor\Data aplikac?acromedia) -- C:\Documents and Settings\Libor\Data aplikac�acromedia
(C:\Documents and Settings\Libor\Data aplikac?) -- C:\Documents and Settings\Libor\Data aplikac�
< End of report >
Musel jsem to rozdělit do dvou zpráv. Zpráva byla delší než 60000 znaků.
[2009.03.20 10:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2005.06.30 09:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AddAce
[2008.10.16 13:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\America's Army Deploy Client
[2007.04.03 15:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Elaborate Bytes
[2008.02.29 12:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2006.04.13 09:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GoldWaveCDDB
[2010.01.22 14:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.04.06 12:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2006.04.13 08:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OLYMPUS
[2007.09.04 11:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2007.12.07 10:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SlySoft
[2010.05.13 09:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SolidDocuments
[2009.11.24 12:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sync App Settings
[2010.09.02 12:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2005.06.30 09:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\AddAce
[2010.06.14 10:52:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Libor\Data aplikací\drivers
[2006.01.18 10:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\DSDevelopment
[2008.02.29 12:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ESET
[2010.01.13 09:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\GlarySoft
[2010.06.29 08:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ICQ
[2007.09.03 18:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ICQ Toolbar
[2006.03.28 09:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ICQLite
[2008.12.04 09:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Jpeg Resampler
[2010.06.14 11:15:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Libor\Data aplikací\m
[2009.01.14 10:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Nokia
[2008.09.01 14:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Opera
[2009.04.06 08:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\PC Suite
[2010.07.30 11:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\SolidDocuments
[2007.02.19 15:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\URSoft
[2010.04.06 12:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\VitySoft
[2009.11.12 10:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Windows Search
[2008.04.10 10:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\XCPCSync.OEM
[2005.06.23 17:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\XnView
[2007.10.17 11:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Zoner
[2009.11.24 12:51:35 | 000,000,324 | ---- | M] () -- C:\WINDOWS\Tasks\Allway Sync_{42134B6F16ADE5852D1E0732DA7D7A90}.job
[2010.09.03 07:59:43 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2010.09.02 12:00:03 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010.09.03 07:59:35 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2010.09.03 08:02:20 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{19855D51-09FF-4CC1-815C-34C0775FB6A5}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SybaseCentral43" = "C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe" -preload -- [2005.02.04 06:08:00 | 001,046,016 | ---- | M] (Info soft)
"DBISQL9" = "C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe" -preload -- [2006.01.11 19:11:12 | 000,135,168 | ---- | M] (iAnywhere Solutions, Inc.)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -- [2006.11.13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.11.11 11:57:36 | 001,451,520 | ---- | M] (Nokia)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
< %ALLUSERSPROFILE%\Application Data\*. >
[2009.10.05 09:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2005.06.30 09:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\AddAce
[2010.05.04 15:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Adobe
[2005.06.24 09:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\AdobeAUM
[2007.01.22 09:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\AdobeUM
[2007.01.09 13:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Ahead
[2008.07.02 16:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Arcsoft
[2010.06.14 10:52:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Libor\Data aplikací\drivers
[2006.01.18 10:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\DSDevelopment
[2008.02.29 12:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ESET
[2010.01.13 09:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\GlarySoft
[2008.06.10 09:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Google
[2005.06.23 12:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Help
[2010.06.29 08:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ICQ
[2007.09.03 18:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ICQ Toolbar
[2006.03.28 09:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\ICQLite
[2005.06.21 15:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Identities
[2007.08.13 16:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\InstallShield
[2008.12.04 09:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Jpeg Resampler
[2007.03.01 16:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Lavasoft
[2010.06.14 11:15:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Libor\Data aplikací\m
[2005.06.24 12:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Macromedia
[2009.12.21 12:09:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Libor\Data aplikací\Microsoft
[2009.01.14 10:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Nokia
[2008.09.01 14:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Opera
[2009.04.06 08:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\PC Suite
[2010.05.13 17:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Skype
[2010.07.30 11:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\SolidDocuments
[2008.09.01 14:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Sun
[2010.09.02 16:01:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\SUPERAntiSpyware.com
[2010.01.27 12:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\U3
[2007.02.19 15:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\URSoft
[2010.04.06 12:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\VitySoft
[2009.11.12 10:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Windows Search
[2010.04.13 17:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\WinRAR
[2008.04.10 10:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\XCPCSync.OEM
[2005.06.23 17:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\XnView
[2007.10.17 11:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Libor\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
[2005.02.04 06:08:00 | 001,046,016 | ---- | M] (Info soft) -- C:\Documents and Settings\Libor\Data aplikací\drivers\winupgro.exe
[2010.09.03 08:02:00 | 001,377,284 | ---- | M] () -- C:\Documents and Settings\Libor\Data aplikací\m\flec006.exe
[2009.09.08 10:52:02 | 000,012,286 | R--- | M] () -- C:\Documents and Settings\Libor\Data aplikací\Microsoft\Installer\{F65AFC76-FE1B-4991-A3CF-FA172450A2A5}\ARPPRODUCTICON.exe
[2009.09.08 10:52:02 | 000,053,248 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Libor\Data aplikací\Microsoft\Installer\{F65AFC76-FE1B-4991-A3CF-FA172450A2A5}\NewShortcut1_F0275E0E560C48EC9C00AAA081D9B060.exe
[2009.09.08 10:52:02 | 000,002,238 | R--- | M] () -- C:\Documents and Settings\Libor\Data aplikací\Microsoft\Installer\{F65AFC76-FE1B-4991-A3CF-FA172450A2A5}\NewShortcut2_F9EC847C405449A09490328CB57F8BEC.exe
File not found -- C:\Documents and Settings\Libor\Data aplikací\U3\temp\cleanup.exe
[2008.05.02 11:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Libor\Data aplikací\U3\temp\Launchpad Removal.exe
< MD5 for: AGP440.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.18 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\atapi.sys
< MD5 for: CDROM.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.18 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.09.22 09:27:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.18 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.18 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.18 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.18 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2006.01.13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006.01.13 04:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2005.05.25 21:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2005.05.25 21:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.18 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.08.06 11:33:35 | 000,716,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2005.06.21 17:21:43 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005.06.21 17:21:43 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005.06.21 17:21:43 | 000,458,752 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.09.02 12:23:39 | 000,016,832 | ---- | M] () -- C:\WINDOWS\system32\amcompat.tlb
[2010.09.02 12:23:39 | 000,023,392 | ---- | M] () -- C:\WINDOWS\system32\nscompat.tlb
[2010.09.03 08:00:18 | 000,021,961 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.09.02 15:16:25 | 000,121,342 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2010.09.02 15:16:25 | 000,109,492 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.09.02 15:16:25 | 000,542,280 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2010.09.02 15:16:25 | 000,545,414 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.09.02 15:16:25 | 001,296,424 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.09.03 08:01:46 | 000,007,168 | ---- | M] () -- C:\WINDOWS\system32\srosa2.sys
[2010.09.03 07:59:58 | 000,012,598 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
========== Files - Unicode (All) ==========
[2009.04.08 13:10:40 | 000,000,000 | ---D | M](C:\Documents and Settings\Libor\Data aplikac?) -- C:\Documents and Settings\Libor\Data aplikac�
[2006.08.02 11:54:16 | 000,000,000 | ---D | M](C:\Documents and Settings\Libor\Data aplikac?acromedia) -- C:\Documents and Settings\Libor\Data aplikac�acromedia
(C:\Documents and Settings\Libor\Data aplikac?acromedia) -- C:\Documents and Settings\Libor\Data aplikac�acromedia
(C:\Documents and Settings\Libor\Data aplikac?) -- C:\Documents and Settings\Libor\Data aplikac�
< End of report >
Musel jsem to rozdělit do dvou zpráv. Zpráva byla delší než 60000 znaků.
Re: Nelze spustit žádný antivir
Zde je Extras.txt:
OTL Extras logfile created on: 3.9.2010 8:23:24 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Libor\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,78 Gb Total Space | 11,62 Gb Free Space | 22,89% Space Free | Partition Type: NTFS
Drive D: | 98,27 Gb Total Space | 13,58 Gb Free Space | 13,82% Space Free | Partition Type: NTFS
Drive E: | 186,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 192,31 Gb Total Space | 173,90 Gb Free Space | 90,43% Space Free | Partition Type: NTFS
Computer Name: PRM
Current User Name: Libor
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.scr [@ = scrfile] -- "%1" /s
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /s
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client3] -- "C:\Program Files\Fotostar\Fotostar Offline client3\Fotostar Offline client3.exe" "%1" ()
Directory [JpegResamplerDir] -- "C:\DOCUME~1\Libor\LOCALS~1\Temp\7zO12.tmp\JpegResampler.exe" "%1" File not found
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS3 Server
"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50900:TCP" = 50900:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50901:TCP" = 50901:TCP:*:Enabled:Adobe Version Cue CS3 Server
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"8605:TCP" = 8605:TCP:*:Enabled:Remote Administrator Control Server, TCP port 8605
"3499:TCP" = 3499:TCP:*:Enabled:strong
"8600:TCP" = 8600:TCP:*:Enabled:Remote Administrator Control Server, TCP port 8600
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Program Files\Adobe\GoLive CS_ENG\GoLive.exe" = C:\Program Files\Adobe\GoLive CS_ENG\GoLive.exe:*:Enabled:Adobe GoLive Application -- (Adobe Systems Incorporated)
"E:\BIN\WIN32\PLAYER.EXE" = E:\BIN\WIN32\PLAYER.EXE:*:Enabled:Macromedia Projector -- File not found
"C:\Program Files\Sybase\SQL Anywhere 9\win32\dbeng9.exe" = C:\Program Files\Sybase\SQL Anywhere 9\win32\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine -- (iAnywhere Solutions, Inc.)
"C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe" = C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe:*:Enabled:Adaptive Server Anywhere ISQL -- (iAnywhere Solutions, Inc.)
"C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe" = C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe:*:Enabled:Sybase Central -- (Info soft)
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" = C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server -- (Adobe Systems Incorporated)
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe" = C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime -- (Nero AG)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"D:\Strong DC++ 2.12\StrongDC.exe" = D:\Strong DC++ 2.12\StrongDC.exe:*:Enabled:StrongDC.exe -- File not found
"D:\Strong DC++ 2.22\StrongDC.exe" = D:\Strong DC++ 2.22\StrongDC.exe:*:Enabled:StrongDC++ -- ()
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\abf3\FTP.EXE" = C:\abf3\FTP.EXE:*:Enabled:Program pro přenos souborů (FTP) -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Disabled:µTorrent -- File not found
"C:\Documents and Settings\Libor\Data aplikací\m\flec006.exe" = C:\Documents and Settings\Libor\Data aplikací\m\flec006.exe:*:Enabled:StrongDC++ -- ()
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Disabled:ICQ6 -- File not found
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Disabled:ICQ6 -- (ICQ, LLC.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0781E68B-913E-4ED4-A8BA-4DD2612BA514}" = SPZ 2006 SQL
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09E2111C-16B1-4DDF-BF0D-F994C9A12350}" = Adobe Setup
"{176B7642-72A8-49D0-8EC4-26D59D8E21B2}" = Klient Správy přístupových práv v systému Windows s aktualizací Service Pack 2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F0337D1-0809-4DC1-9265-EB063C3C6841}" = Zoner Photo Print
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{219BB7DF-83BA-44C6-A362-D17981FBD285}" = GPS Information
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23E5C72C-CC08-4EE0-9CC2-D925B232B331}" = Microsoft MSDN 2005 Express Edition - ENU
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37D19D22-032C-469E-822B-9F8BD743106E}" = Tiger Woods PGA Tour Golf
"{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}" = XTB-Trader 4.0 Contest 4.00
"{4908C75E-E5E2-43F7-B1DF-023CBA831029}" = Nero 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
"{4C93C363-414E-11D4-9756-00C04F8EEB39}" = Macromedia Flash 5
"{4E60318E-42B4-4C48-948B-C56F65E8708A}" = ArcSoft Software Suite
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{5265664F-6128-405C-9225-9782A85954FD}" = USB Scanner
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{56BFAA6E-2BCC-4AED-9233-84731E66B205}" = Solid Converter PDF
"{577AD794-8B34-40B4-9E7A-BE4CFFE396E6}" = Microsoft Visual Basic 2005 Express Edition - ENU
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.5
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70858C67-8761-4444-895A-0A8B2E9E144E}" = Opera 10.61
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77D2A9D3-5800-43E3-B274-87841BC87DB2}" = Adobe ExtendScript Toolkit 2
"{79E33D8A-56D7-4A42-9180-D991426C8C29}" = Zoner Web Gallery
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81D62C32-0984-11D3-86CD-00105AD33021}" = Caere Scan Manager 5.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}" = Adobe Setup
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{90300405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}" = Kontrola české gramatiky pro sadu Microsoft Office 2003
"{A908E57D-71A3-4AE1-9A76-C239521BBED9}" = Microsoft Kalkulačka+
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A958E835-BDF0-473F-9DC1-0D952C941625}" = Spb Mobile DVD
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1" = Sothink FLV Player
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}" = Adobe Creative Suite 3 Design Premium
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2B0FD55-03C2-4B7F-A67F-C042C260371F}" = SQL Anywhere Studio 9, Documentation
"{D3E4251D-8364-4698-B0E0-A7C799384403}" = Adobe GoLive CS (ENG)
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Klient Správy přístupových práv v systému Windows SP2, zpětná kompatibilita
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F653AB56-DB37-415B-8DDD-EF5BC1982150}" = SQL Anywhere Studio 9, Software
"{F65AFC76-FE1B-4991-A3CF-FA172450A2A5}" = Mobile Golf Scorer
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6A630DCEC5EEC912115F2FF59D8C2C769798D930" = Balíček ovladače systému Windows - Nokia Modem (10/12/2007 3.6)
"7-Zip" = 7-Zip 4.15 beta
"819D45A9F73817F5B6D7C71A33ADAB88C5DA1765" = Balíček ovladače systému Windows - Nokia Modem (08/03/2007 6.84.0.2)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Balíček ovladače systému Windows - Nokia Modem (05/22/2008 7.00.0.1)
"Adobe Acrobat Reader for Pocket PC 1.0" = Adobe Acrobat Reader for Pocket PC 1.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium
"AnyDVD" = AnyDVD
"A-PDF Restrictions Remover_is1" = A-PDF Restrictions Remover 1.6
"ASUS Probe V2.23.01" = ASUS Probe V2.23.01
"AsusUpdate" = AsusUpdate
"AutoGK" = Auto Gordian Knot 2.20
"avast!" = avast! Antivirus
"AVI ReComp" = AVI ReComp 1.3.0
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Balíček ovladače systému Windows - Nokia Modem (05/22/2008 3.8)
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Balíček ovladače systému Windows - Nokia Modem (03/05/2008 3.7)
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"C-Media Audio Driver" = C-Media High Definition Audio Driver
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Balíček ovladače systému Windows - Nokia Modem (03/13/2008 6.86.0.1)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fotostar Offline client3" = Fotostar Offline client3
"Glary Utilities_is1" = Glary Utilities 2.21.0.863
"GPL Ghostscript 8.60" = GPL Ghostscript 8.60
"GPL Ghostscript Fonts" = GPL Ghostscript Fonts
"IconArt" = IconArt
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Img2Ozf_is1" = Img2Ozf Version 2
"Kompass Dll_is1" = Kompass Dll Version 1.00
"Lexicon 4.0" = Lingea Lexicon 2002
"LYNX BLACK" = LYNX BLACK
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft MSDN 2005 Express Edition - ENU" = Microsoft MSDN 2005 Express Edition - ENU
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Basic 2005 Express Edition - ENU" = Microsoft Visual Basic 2005 Express Edition - ENU
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OziExplorer 3.95_is1" = OziExplorer 3.95
"OziExplorer3D_is1" = OziExplorer3D Version 1.08
"PROR" = Zkušební verze produktu Microsoft Office Professional 2007
"QuickTime" = QuickTime
"Recognita Plus 5.0" = Recognita Plus 5.0
"Remote Administrator Control Client_is1" = Remote Administrator Control Client 3.5.0
"Remote Administrator Control Server_is1" = Remote Administrator Control Server 3.5.0
"ShrinkTo5 GUI" = ShrinkTo5 GUI
"Skype™ for Pocket PC_is1" = Skype™ for Pocket PC 1.1
"SmartSerialMail_is1" = SmartSerialMail V3.3.1 Evaluation Version
"Spb Pocket Plus" = Spb Pocket Plus
"Spb Weather" = Spb Weather
"ToolbarICQToolbar.ICQToolbarObjectIEToolbar" = ICQ Toolbar
"Uninstall_is1" = Uninstall 1.0.0.1
"v20000_is1" = AddAce 2.0 - EVALUATION EDITION
"Visual Basic 6.0 Professional Edition" = Microsoft Visual Basic 6.0 Professional Edition
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WebPost" = Microsoft Web Publishing Wizard 1.53
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"X-Fonter_is1" = X-Fonter 6.1
"XnView_is1" = XnView 1.74
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid_is1" = Xvid 1.1.2 final uninstall
"Zoner Photo Studio 9_is1" = Zoner Photo Studio 9
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3315528086-514123159-2874609403-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Zoner Photo Client 3" = Zoner Photo Client 3
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
OTL Extras logfile created on: 3.9.2010 8:23:24 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Libor\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,78 Gb Total Space | 11,62 Gb Free Space | 22,89% Space Free | Partition Type: NTFS
Drive D: | 98,27 Gb Total Space | 13,58 Gb Free Space | 13,82% Space Free | Partition Type: NTFS
Drive E: | 186,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 192,31 Gb Total Space | 173,90 Gb Free Space | 90,43% Space Free | Partition Type: NTFS
Computer Name: PRM
Current User Name: Libor
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.scr [@ = scrfile] -- "%1" /s
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /s
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client3] -- "C:\Program Files\Fotostar\Fotostar Offline client3\Fotostar Offline client3.exe" "%1" ()
Directory [JpegResamplerDir] -- "C:\DOCUME~1\Libor\LOCALS~1\Temp\7zO12.tmp\JpegResampler.exe" "%1" File not found
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS3 Server
"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50900:TCP" = 50900:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50901:TCP" = 50901:TCP:*:Enabled:Adobe Version Cue CS3 Server
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"8605:TCP" = 8605:TCP:*:Enabled:Remote Administrator Control Server, TCP port 8605
"3499:TCP" = 3499:TCP:*:Enabled:strong
"8600:TCP" = 8600:TCP:*:Enabled:Remote Administrator Control Server, TCP port 8600
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Program Files\Adobe\GoLive CS_ENG\GoLive.exe" = C:\Program Files\Adobe\GoLive CS_ENG\GoLive.exe:*:Enabled:Adobe GoLive Application -- (Adobe Systems Incorporated)
"E:\BIN\WIN32\PLAYER.EXE" = E:\BIN\WIN32\PLAYER.EXE:*:Enabled:Macromedia Projector -- File not found
"C:\Program Files\Sybase\SQL Anywhere 9\win32\dbeng9.exe" = C:\Program Files\Sybase\SQL Anywhere 9\win32\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine -- (iAnywhere Solutions, Inc.)
"C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe" = C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe:*:Enabled:Adaptive Server Anywhere ISQL -- (iAnywhere Solutions, Inc.)
"C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe" = C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe:*:Enabled:Sybase Central -- (Info soft)
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" = C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server -- (Adobe Systems Incorporated)
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe" = C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime -- (Nero AG)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"D:\Strong DC++ 2.12\StrongDC.exe" = D:\Strong DC++ 2.12\StrongDC.exe:*:Enabled:StrongDC.exe -- File not found
"D:\Strong DC++ 2.22\StrongDC.exe" = D:\Strong DC++ 2.22\StrongDC.exe:*:Enabled:StrongDC++ -- ()
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\abf3\FTP.EXE" = C:\abf3\FTP.EXE:*:Enabled:Program pro přenos souborů (FTP) -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Disabled:µTorrent -- File not found
"C:\Documents and Settings\Libor\Data aplikací\m\flec006.exe" = C:\Documents and Settings\Libor\Data aplikací\m\flec006.exe:*:Enabled:StrongDC++ -- ()
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Disabled:ICQ6 -- File not found
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Disabled:ICQ6 -- (ICQ, LLC.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0781E68B-913E-4ED4-A8BA-4DD2612BA514}" = SPZ 2006 SQL
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09E2111C-16B1-4DDF-BF0D-F994C9A12350}" = Adobe Setup
"{176B7642-72A8-49D0-8EC4-26D59D8E21B2}" = Klient Správy přístupových práv v systému Windows s aktualizací Service Pack 2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F0337D1-0809-4DC1-9265-EB063C3C6841}" = Zoner Photo Print
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{219BB7DF-83BA-44C6-A362-D17981FBD285}" = GPS Information
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23E5C72C-CC08-4EE0-9CC2-D925B232B331}" = Microsoft MSDN 2005 Express Edition - ENU
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 20
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37D19D22-032C-469E-822B-9F8BD743106E}" = Tiger Woods PGA Tour Golf
"{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}" = XTB-Trader 4.0 Contest 4.00
"{4908C75E-E5E2-43F7-B1DF-023CBA831029}" = Nero 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
"{4C93C363-414E-11D4-9756-00C04F8EEB39}" = Macromedia Flash 5
"{4E60318E-42B4-4C48-948B-C56F65E8708A}" = ArcSoft Software Suite
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{5265664F-6128-405C-9225-9782A85954FD}" = USB Scanner
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{56BFAA6E-2BCC-4AED-9233-84731E66B205}" = Solid Converter PDF
"{577AD794-8B34-40B4-9E7A-BE4CFFE396E6}" = Microsoft Visual Basic 2005 Express Edition - ENU
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.5
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70858C67-8761-4444-895A-0A8B2E9E144E}" = Opera 10.61
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77D2A9D3-5800-43E3-B274-87841BC87DB2}" = Adobe ExtendScript Toolkit 2
"{79E33D8A-56D7-4A42-9180-D991426C8C29}" = Zoner Web Gallery
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81D62C32-0984-11D3-86CD-00105AD33021}" = Caere Scan Manager 5.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}" = Adobe Setup
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{90300405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}" = Kontrola české gramatiky pro sadu Microsoft Office 2003
"{A908E57D-71A3-4AE1-9A76-C239521BBED9}" = Microsoft Kalkulačka+
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A958E835-BDF0-473F-9DC1-0D952C941625}" = Spb Mobile DVD
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1" = Sothink FLV Player
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}" = Adobe Creative Suite 3 Design Premium
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2B0FD55-03C2-4B7F-A67F-C042C260371F}" = SQL Anywhere Studio 9, Documentation
"{D3E4251D-8364-4698-B0E0-A7C799384403}" = Adobe GoLive CS (ENG)
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Klient Správy přístupových práv v systému Windows SP2, zpětná kompatibilita
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F653AB56-DB37-415B-8DDD-EF5BC1982150}" = SQL Anywhere Studio 9, Software
"{F65AFC76-FE1B-4991-A3CF-FA172450A2A5}" = Mobile Golf Scorer
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6A630DCEC5EEC912115F2FF59D8C2C769798D930" = Balíček ovladače systému Windows - Nokia Modem (10/12/2007 3.6)
"7-Zip" = 7-Zip 4.15 beta
"819D45A9F73817F5B6D7C71A33ADAB88C5DA1765" = Balíček ovladače systému Windows - Nokia Modem (08/03/2007 6.84.0.2)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Balíček ovladače systému Windows - Nokia Modem (05/22/2008 7.00.0.1)
"Adobe Acrobat Reader for Pocket PC 1.0" = Adobe Acrobat Reader for Pocket PC 1.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium
"AnyDVD" = AnyDVD
"A-PDF Restrictions Remover_is1" = A-PDF Restrictions Remover 1.6
"ASUS Probe V2.23.01" = ASUS Probe V2.23.01
"AsusUpdate" = AsusUpdate
"AutoGK" = Auto Gordian Knot 2.20
"avast!" = avast! Antivirus
"AVI ReComp" = AVI ReComp 1.3.0
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Balíček ovladače systému Windows - Nokia Modem (05/22/2008 3.8)
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Balíček ovladače systému Windows - Nokia Modem (03/05/2008 3.7)
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"C-Media Audio Driver" = C-Media High Definition Audio Driver
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Balíček ovladače systému Windows - Nokia Modem (03/13/2008 6.86.0.1)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fotostar Offline client3" = Fotostar Offline client3
"Glary Utilities_is1" = Glary Utilities 2.21.0.863
"GPL Ghostscript 8.60" = GPL Ghostscript 8.60
"GPL Ghostscript Fonts" = GPL Ghostscript Fonts
"IconArt" = IconArt
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Img2Ozf_is1" = Img2Ozf Version 2
"Kompass Dll_is1" = Kompass Dll Version 1.00
"Lexicon 4.0" = Lingea Lexicon 2002
"LYNX BLACK" = LYNX BLACK
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft MSDN 2005 Express Edition - ENU" = Microsoft MSDN 2005 Express Edition - ENU
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Basic 2005 Express Edition - ENU" = Microsoft Visual Basic 2005 Express Edition - ENU
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OziExplorer 3.95_is1" = OziExplorer 3.95
"OziExplorer3D_is1" = OziExplorer3D Version 1.08
"PROR" = Zkušební verze produktu Microsoft Office Professional 2007
"QuickTime" = QuickTime
"Recognita Plus 5.0" = Recognita Plus 5.0
"Remote Administrator Control Client_is1" = Remote Administrator Control Client 3.5.0
"Remote Administrator Control Server_is1" = Remote Administrator Control Server 3.5.0
"ShrinkTo5 GUI" = ShrinkTo5 GUI
"Skype™ for Pocket PC_is1" = Skype™ for Pocket PC 1.1
"SmartSerialMail_is1" = SmartSerialMail V3.3.1 Evaluation Version
"Spb Pocket Plus" = Spb Pocket Plus
"Spb Weather" = Spb Weather
"ToolbarICQToolbar.ICQToolbarObjectIEToolbar" = ICQ Toolbar
"Uninstall_is1" = Uninstall 1.0.0.1
"v20000_is1" = AddAce 2.0 - EVALUATION EDITION
"Visual Basic 6.0 Professional Edition" = Microsoft Visual Basic 6.0 Professional Edition
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WebPost" = Microsoft Web Publishing Wizard 1.53
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"X-Fonter_is1" = X-Fonter 6.1
"XnView_is1" = XnView 1.74
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid_is1" = Xvid 1.1.2 final uninstall
"Zoner Photo Studio 9_is1" = Zoner Photo Studio 9
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3315528086-514123159-2874609403-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Zoner Photo Client 3" = Zoner Photo Client 3
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Nelze spustit žádný antivir
Spusťte OTL a do spodního okna vložte následující skript.
Kód: Vybrat vše
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\siusbmod.sys -- (siusbmod)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\glaide32.sys -- (glaide32)
DRV - File not found [File_System | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.03 08:01:46 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\srosa2.sys -- (sK9Ou0s)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2010.06.14 10:52:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Libor\Data aplikací\drivers
[2010.09.02 12:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.06.14 11:15:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Libor\Data aplikací\mRe: Nelze spustit žádný antivir
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 29163 bytes
->Temporary Internet Files folder emptied: 123411 bytes
->Opera cache emptied: 353788 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Libor
->Temp folder emptied: 92017829 bytes
->Temporary Internet Files folder emptied: 426192337 bytes
->Java cache emptied: 67753547 bytes
->Opera cache emptied: 121395837 bytes
->Flash cache emptied: 41877 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 11484352 bytes
User: NetworkService
->Temp folder emptied: 1422950 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19593 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 121077 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 49433838 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 309775412 bytes
Total Files Cleaned = 1 030,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default User
User: Libor
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
========== OTL ==========
Service siusbmod stopped successfully!
Service siusbmod deleted successfully!
File C:\WINDOWS\System32\DRIVERS\siusbmod.sys not found.
Service glaide32 stopped successfully!
Service glaide32 deleted successfully!
File C:\WINDOWS\System32\drivers\glaide32.sys not found.
Service aswFsBlk stopped successfully!
Service aswFsBlk deleted successfully!
File C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys not found.
Service sK9Ou0s stopped successfully!
Service sK9Ou0s deleted successfully!
C:\WINDOWS\system32\srosa2.sys moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
File delete failed. C:\WINDOWS\S16442130.tmp scheduled to be deleted on reboot.
C:\Documents and Settings\Libor\Data aplikací\drivers folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\m\Settings\Logs folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\m\Settings\HubLists folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\m\Settings\FileLists folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\m\Settings\Certificates folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\m\Settings folder moved successfully.
Folder move failed. C:\Documents and Settings\Libor\Data aplikací\m scheduled to be moved on reboot.
OTL by OldTimer - Version 3.2.11.0 log created on 09032010_141450
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\S16442130.tmp scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Libor\Data aplikací\m scheduled to be moved on reboot.
Registry entries deleted on Reboot...
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 29163 bytes
->Temporary Internet Files folder emptied: 123411 bytes
->Opera cache emptied: 353788 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Libor
->Temp folder emptied: 92017829 bytes
->Temporary Internet Files folder emptied: 426192337 bytes
->Java cache emptied: 67753547 bytes
->Opera cache emptied: 121395837 bytes
->Flash cache emptied: 41877 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 11484352 bytes
User: NetworkService
->Temp folder emptied: 1422950 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19593 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 121077 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 49433838 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 309775412 bytes
Total Files Cleaned = 1 030,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default User
User: Libor
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
========== OTL ==========
Service siusbmod stopped successfully!
Service siusbmod deleted successfully!
File C:\WINDOWS\System32\DRIVERS\siusbmod.sys not found.
Service glaide32 stopped successfully!
Service glaide32 deleted successfully!
File C:\WINDOWS\System32\drivers\glaide32.sys not found.
Service aswFsBlk stopped successfully!
Service aswFsBlk deleted successfully!
File C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys not found.
Service sK9Ou0s stopped successfully!
Service sK9Ou0s deleted successfully!
C:\WINDOWS\system32\srosa2.sys moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
File delete failed. C:\WINDOWS\S16442130.tmp scheduled to be deleted on reboot.
C:\Documents and Settings\Libor\Data aplikací\drivers folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\m\Settings\Logs folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\m\Settings\HubLists folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\m\Settings\FileLists folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\m\Settings\Certificates folder moved successfully.
C:\Documents and Settings\Libor\Data aplikací\m\Settings folder moved successfully.
Folder move failed. C:\Documents and Settings\Libor\Data aplikací\m scheduled to be moved on reboot.
OTL by OldTimer - Version 3.2.11.0 log created on 09032010_141450
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\S16442130.tmp scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Libor\Data aplikací\m scheduled to be moved on reboot.
Registry entries deleted on Reboot...
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Nelze spustit žádný antivir
Postupujte podle návodu http://www.bleepingcomputer.com/combofi ... t-combofix
Re: Nelze spustit žádný antivir
Nejde spustit - Stále to hlásí že Combofix není platná aplikace typu win32
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Nelze spustit žádný antivir
OK, Děkuji omlouvám se, ale pokračovat můžu až v pondělí 
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Nelze spustit žádný antivir
Stažený ComboFix ani po přejmenování nešel spustit. Proto jsem ho stáhl znova a už při ukládání na plochu jsem ho přejmenoval. Pak spustit šel. Celý proces proběhl zhruba dle návodu +- nějaký restart. Tady je výsledný log:
ComboFix 10-09-04.06 - Libor 06.09.2010 9:00.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2860 [GMT 2:00]
Spuštěný z: c:\documents and settings\Libor\Plocha\cokoliv.com
AV: avast! antivirus 4.8.1368 [VPS 100613-2] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Libor\Data aplikací\drivers\downld
c:\documents and settings\Libor\Data aplikací\drivers\downld\260406.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\261593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\262187.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\262562.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\263078.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\286734.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\287687.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\289125.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\289312.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\289593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\290109.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\290296.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\290859.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\291078.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\292265.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\292984.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\293609.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\294078.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\295375.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\296171.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\297187.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\298062.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\298265.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\298640.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\299015.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\299171.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\300515.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\301734.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\302015.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\302515.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\303390.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\303500.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\304453.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\305109.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\305500.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\305750.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\306265.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\306546.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\307218.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\307890.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\308062.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\308406.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\308843.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\308968.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\309984.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\311406.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\311640.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\311796.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\312453.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\312625.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\314765.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\316968.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\317781.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\318671.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\319718.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\320421.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\321687.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\321937.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\322390.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\322593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\324578.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\325187.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\326312.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\326859.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\327781.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\328468.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\329625.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\330593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\331156.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\331437.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\331890.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\332265.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\332484.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\332984.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\333187.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\333593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\335593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\337578.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\337703.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\337828.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\339109.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\341796.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\342796.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\386078.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\386500.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\386671.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\387000.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\387375.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\388250.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\388828.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\389640.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\390890.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\392437.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\393562.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\393671.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\393812.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\394375.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\394593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\396031.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\397140.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\397437.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\398078.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\398218.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\398468.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\399062.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\405765.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\406468.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\407140.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\408484.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\409453.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\411546.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\412078.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\412390.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\412515.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\414390.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\416218.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\417234.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\418093.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\419593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\420453.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\421515.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\422234.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\422515.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\422625.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\423218.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\423453.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\425328.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\426062.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\426250.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\426468.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\426968.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\427875.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\428968.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\429718.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\430015.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\430546.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\431046.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\431578.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\433218.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\435046.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\435406.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\436203.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\436890.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\437421.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\438171.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\438718.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\439468.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\439828.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\440359.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\440546.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\441343.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\442046.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\442343.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\442484.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\443046.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\443281.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\443890.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\444640.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\444937.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\445343.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\445750.exe
c:\documents and settings\Libor\Data aplikací\drivers\winupgro.exe
c:\program files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe
C:\test.txt
c:\windows\system\BCBSMP35.BPL
c:\windows\system32\srosa2.sys
c:\windows\system32\wfsintwq.sys
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-06 do 2010-09-06 )))))))))))))))))))))))))))))))
.
2010-09-03 12:14 . 2010-09-03 12:14 -------- d-----w- C:\_OTL
2010-09-02 14:08 . 2010-09-02 14:08 -------- d-----w- c:\program files\trend micro
2010-09-02 14:08 . 2010-09-02 14:08 -------- d-----w- C:\rsit
2010-09-02 12:53 . 2010-09-02 12:53 -------- d-----w- C:\46c1a25689023fa07eea470afddf51
2010-09-02 11:24 . 2006-03-02 12:00 18944 -c--a-w- c:\windows\system32\dllcache\simptcp.dll
2010-09-02 11:24 . 2006-03-02 12:00 18944 ----a-w- c:\windows\system32\simptcp.dll
2010-09-02 10:22 . 2010-09-06 07:00 -------- d-----w- c:\windows\system32\CatRoot2
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-06 06:37 . 2010-06-14 08:55 -------- d-----w- c:\program files\e
2010-09-03 13:35 . 2007-12-06 11:23 0 --sh--w- c:\windows\S16442130.tmp
2010-09-02 13:16 . 2005-06-21 15:16 542280 ----a-w- c:\windows\system32\perfh005.dat
2010-09-02 13:16 . 2005-06-21 15:16 121342 ----a-w- c:\windows\system32\perfc005.dat
2010-09-02 11:28 . 2009-11-11 18:06 -------- d-----w- c:\program files\Windows Desktop Search
2010-09-02 11:16 . 2010-04-15 11:03 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-09-02 11:14 . 2005-12-25 10:20 -------- d-----w- c:\program files\AviSynth 2.5
2010-08-18 11:31 . 2006-06-26 11:30 -------- d-----w- c:\program files\Cherrysoft
2010-08-18 11:27 . 2005-12-25 10:19 -------- d-----w- c:\program files\Gabest
2010-08-18 11:26 . 2006-02-26 13:57 -------- d-----w- c:\program files\Yahoo!
2010-08-18 11:18 . 2007-01-17 11:06 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-18 11:15 . 2005-06-21 13:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-18 11:09 . 2007-08-13 14:13 -------- d-----w- c:\program files\ICQToolbar
2010-08-18 11:06 . 2006-09-26 11:04 -------- d-----w- c:\program files\Hewlett-Packard
2010-08-18 11:04 . 2006-04-13 14:52 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-08-16 06:41 . 2008-09-01 12:44 -------- d-----w- c:\program files\Opera
2010-07-20 08:28 . 2010-05-18 07:11 -------- d-----w- c:\program files\FormStudio
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DBISQL9"="c:\program files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe" [2006-01-11 135168]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS Probe"="c:\program files\ASUS\Probe\AsusProb.exe" [2002-12-06 617984]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2004-06-02 204800]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2004-06-02 172032]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2004-09-02 57344]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2010-09-06 866584]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-04-01 5562368]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2008-4-21 295606]
Adobe Acrobat Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-12-6 576104]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RACServerLogon]
2009-02-22 07:56 62736 ----a-w- c:\windows\system32\RACServerLogon2.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Action Manager 32.lnk]
backup=c:\windows\pss\Action Manager 32.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2006-11-10 15:19 1051648 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
2002-02-04 20:32 53248 ------w- c:\program files\REGSHAVE\REGSHAVE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"InCDsrv"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Adobe\\GoLive CS_ENG\\GoLive.exe"=
"c:\\Program Files\\Sybase\\SQL Anywhere 9\\win32\\dbeng9.exe"=
"c:\\Program Files\\Sybase\\SQL Anywhere 9\\win32\\dbisqlg.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"d:\\Strong DC++ 2.22\\StrongDC.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\abf3\\FTP.EXE"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Libor\\Data aplikací\\m\\flec006.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"8605:TCP"= 8605:TCP:Remote Administrator Control Server, TCP port 8605
"3499:TCP"= 3499:TCP:strong
"8600:TCP"= 8600:TCP:Remote Administrator Control Server, TCP port 8600
R2 Iprip;Naslouchání RIP;c:\windows\System32\svchost.exe -k netsvcs [21.6.2005 17:16 14336]
R2 MSSQL$SPZSQL2006;MSSQL$SPZSQL2006;c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlservr.exe -sSPZSQL2006 --> c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlservr.exe -sSPZSQL2006 [?]
R2 PCNetSoftware RAC Server;PCNetSoftware RAC Server;c:\program files\PCNetSoftware\RAC Server\RACs.exe [18.3.2009 14:55 3745040]
R2 RACDriver;RAC driver;c:\program files\PCNetSoftware\RAC Server\RACDriver.sys [18.3.2009 14:55 8208]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windows\Installer\MSID9.tmp [13.5.2010 9:27 189760]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [22.6.2005 9:57 1275584]
R3 racmirror;racmirror;c:\windows\system32\drivers\racmirror.sys [18.3.2009 14:55 32784]
S1 aswSP;avast! Self Protection; [x]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19.2.2010 9:52 135664]
S3 SliceDisk5;SliceDisk5;\??\c:\docume~1\Libor\LOCALS~1\Temp\FindAndMount\slicedisk.sys --> c:\docume~1\Libor\LOCALS~1\Temp\FindAndMount\slicedisk.sys [?]
S3 SQLAgent$SPZSQL2006;SQLAgent$SPZSQL2006;c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlagent.EXE -i SPZSQL2006 --> c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlagent.EXE -i SPZSQL2006 [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.8.2008 11:33 716272]
S4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 20:19 13592]
.
Obsah adresáře 'Naplánované úlohy'
2010-09-06 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-01-08 11:03]
2010-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 07:52]
2010-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 07:52]
2010-09-03 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
2010-09-06 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
2010-09-06 c:\windows\Tasks\User_Feed_Synchronization-{19855D51-09FF-4CC1-815C-34C0775FB6A5}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: {B10BA91D-FEC2-4B2E-A910-9BEC10461BD2} = 212.47.0.4,212.47.1.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-SybaseCentral43 - c:\program files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-06 09:13
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCPDFReadSpool]
"ImagePath"="c:\windows\Installer\MSID9.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3315528086-514123159-2874609403-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(720)
c:\windows\system32\RACServerLogon2.dll
- - - - - - - > 'explorer.exe'(596)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\program files\ArcSoft\Software Suite\PhotoImpression\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlservr.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\tcpsvcs.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Celkový čas: 2010-09-06 09:26:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-06 07:26
Před spuštěním: Volných bajtů: 13 262 446 592
Po spuštění: Volných bajtů: 13 130 428 416
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 116962D5D0B3E0337EAAF75A1B4821C8
ComboFix 10-09-04.06 - Libor 06.09.2010 9:00.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2860 [GMT 2:00]
Spuštěný z: c:\documents and settings\Libor\Plocha\cokoliv.com
AV: avast! antivirus 4.8.1368 [VPS 100613-2] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Libor\Data aplikací\drivers\downld
c:\documents and settings\Libor\Data aplikací\drivers\downld\260406.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\261593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\262187.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\262562.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\263078.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\286734.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\287687.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\289125.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\289312.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\289593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\290109.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\290296.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\290859.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\291078.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\292265.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\292984.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\293609.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\294078.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\295375.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\296171.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\297187.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\298062.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\298265.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\298640.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\299015.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\299171.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\300515.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\301734.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\302015.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\302515.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\303390.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\303500.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\304453.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\305109.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\305500.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\305750.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\306265.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\306546.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\307218.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\307890.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\308062.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\308406.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\308843.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\308968.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\309984.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\311406.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\311640.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\311796.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\312453.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\312625.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\314765.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\316968.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\317781.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\318671.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\319718.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\320421.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\321687.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\321937.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\322390.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\322593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\324578.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\325187.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\326312.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\326859.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\327781.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\328468.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\329625.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\330593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\331156.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\331437.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\331890.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\332265.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\332484.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\332984.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\333187.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\333593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\335593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\337578.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\337703.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\337828.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\339109.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\341796.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\342796.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\386078.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\386500.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\386671.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\387000.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\387375.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\388250.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\388828.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\389640.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\390890.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\392437.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\393562.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\393671.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\393812.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\394375.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\394593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\396031.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\397140.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\397437.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\398078.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\398218.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\398468.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\399062.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\405765.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\406468.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\407140.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\408484.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\409453.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\411546.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\412078.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\412390.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\412515.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\414390.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\416218.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\417234.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\418093.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\419593.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\420453.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\421515.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\422234.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\422515.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\422625.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\423218.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\423453.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\425328.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\426062.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\426250.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\426468.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\426968.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\427875.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\428968.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\429718.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\430015.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\430546.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\431046.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\431578.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\433218.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\435046.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\435406.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\436203.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\436890.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\437421.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\438171.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\438718.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\439468.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\439828.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\440359.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\440546.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\441343.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\442046.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\442343.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\442484.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\443046.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\443281.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\443890.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\444640.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\444937.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\445343.exe
c:\documents and settings\Libor\Data aplikací\drivers\downld\445750.exe
c:\documents and settings\Libor\Data aplikací\drivers\winupgro.exe
c:\program files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe
C:\test.txt
c:\windows\system\BCBSMP35.BPL
c:\windows\system32\srosa2.sys
c:\windows\system32\wfsintwq.sys
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-06 do 2010-09-06 )))))))))))))))))))))))))))))))
.
2010-09-03 12:14 . 2010-09-03 12:14 -------- d-----w- C:\_OTL
2010-09-02 14:08 . 2010-09-02 14:08 -------- d-----w- c:\program files\trend micro
2010-09-02 14:08 . 2010-09-02 14:08 -------- d-----w- C:\rsit
2010-09-02 12:53 . 2010-09-02 12:53 -------- d-----w- C:\46c1a25689023fa07eea470afddf51
2010-09-02 11:24 . 2006-03-02 12:00 18944 -c--a-w- c:\windows\system32\dllcache\simptcp.dll
2010-09-02 11:24 . 2006-03-02 12:00 18944 ----a-w- c:\windows\system32\simptcp.dll
2010-09-02 10:22 . 2010-09-06 07:00 -------- d-----w- c:\windows\system32\CatRoot2
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-06 06:37 . 2010-06-14 08:55 -------- d-----w- c:\program files\e
2010-09-03 13:35 . 2007-12-06 11:23 0 --sh--w- c:\windows\S16442130.tmp
2010-09-02 13:16 . 2005-06-21 15:16 542280 ----a-w- c:\windows\system32\perfh005.dat
2010-09-02 13:16 . 2005-06-21 15:16 121342 ----a-w- c:\windows\system32\perfc005.dat
2010-09-02 11:28 . 2009-11-11 18:06 -------- d-----w- c:\program files\Windows Desktop Search
2010-09-02 11:16 . 2010-04-15 11:03 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-09-02 11:14 . 2005-12-25 10:20 -------- d-----w- c:\program files\AviSynth 2.5
2010-08-18 11:31 . 2006-06-26 11:30 -------- d-----w- c:\program files\Cherrysoft
2010-08-18 11:27 . 2005-12-25 10:19 -------- d-----w- c:\program files\Gabest
2010-08-18 11:26 . 2006-02-26 13:57 -------- d-----w- c:\program files\Yahoo!
2010-08-18 11:18 . 2007-01-17 11:06 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-18 11:15 . 2005-06-21 13:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-18 11:09 . 2007-08-13 14:13 -------- d-----w- c:\program files\ICQToolbar
2010-08-18 11:06 . 2006-09-26 11:04 -------- d-----w- c:\program files\Hewlett-Packard
2010-08-18 11:04 . 2006-04-13 14:52 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-08-16 06:41 . 2008-09-01 12:44 -------- d-----w- c:\program files\Opera
2010-07-20 08:28 . 2010-05-18 07:11 -------- d-----w- c:\program files\FormStudio
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DBISQL9"="c:\program files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe" [2006-01-11 135168]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS Probe"="c:\program files\ASUS\Probe\AsusProb.exe" [2002-12-06 617984]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2004-06-02 204800]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2004-06-02 172032]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2004-09-02 57344]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2010-09-06 866584]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-04-01 5562368]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2008-4-21 295606]
Adobe Acrobat Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-12-6 576104]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RACServerLogon]
2009-02-22 07:56 62736 ----a-w- c:\windows\system32\RACServerLogon2.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Action Manager 32.lnk]
backup=c:\windows\pss\Action Manager 32.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2006-11-10 15:19 1051648 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
2002-02-04 20:32 53248 ------w- c:\program files\REGSHAVE\REGSHAVE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"InCDsrv"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Adobe\\GoLive CS_ENG\\GoLive.exe"=
"c:\\Program Files\\Sybase\\SQL Anywhere 9\\win32\\dbeng9.exe"=
"c:\\Program Files\\Sybase\\SQL Anywhere 9\\win32\\dbisqlg.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"d:\\Strong DC++ 2.22\\StrongDC.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\abf3\\FTP.EXE"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Libor\\Data aplikací\\m\\flec006.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"8605:TCP"= 8605:TCP:Remote Administrator Control Server, TCP port 8605
"3499:TCP"= 3499:TCP:strong
"8600:TCP"= 8600:TCP:Remote Administrator Control Server, TCP port 8600
R2 Iprip;Naslouchání RIP;c:\windows\System32\svchost.exe -k netsvcs [21.6.2005 17:16 14336]
R2 MSSQL$SPZSQL2006;MSSQL$SPZSQL2006;c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlservr.exe -sSPZSQL2006 --> c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlservr.exe -sSPZSQL2006 [?]
R2 PCNetSoftware RAC Server;PCNetSoftware RAC Server;c:\program files\PCNetSoftware\RAC Server\RACs.exe [18.3.2009 14:55 3745040]
R2 RACDriver;RAC driver;c:\program files\PCNetSoftware\RAC Server\RACDriver.sys [18.3.2009 14:55 8208]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windows\Installer\MSID9.tmp [13.5.2010 9:27 189760]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [22.6.2005 9:57 1275584]
R3 racmirror;racmirror;c:\windows\system32\drivers\racmirror.sys [18.3.2009 14:55 32784]
S1 aswSP;avast! Self Protection; [x]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19.2.2010 9:52 135664]
S3 SliceDisk5;SliceDisk5;\??\c:\docume~1\Libor\LOCALS~1\Temp\FindAndMount\slicedisk.sys --> c:\docume~1\Libor\LOCALS~1\Temp\FindAndMount\slicedisk.sys [?]
S3 SQLAgent$SPZSQL2006;SQLAgent$SPZSQL2006;c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlagent.EXE -i SPZSQL2006 --> c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlagent.EXE -i SPZSQL2006 [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.8.2008 11:33 716272]
S4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 20:19 13592]
.
Obsah adresáře 'Naplánované úlohy'
2010-09-06 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-01-08 11:03]
2010-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 07:52]
2010-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 07:52]
2010-09-03 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
2010-09-06 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
2010-09-06 c:\windows\Tasks\User_Feed_Synchronization-{19855D51-09FF-4CC1-815C-34C0775FB6A5}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: {B10BA91D-FEC2-4B2E-A910-9BEC10461BD2} = 212.47.0.4,212.47.1.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-SybaseCentral43 - c:\program files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-06 09:13
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCPDFReadSpool]
"ImagePath"="c:\windows\Installer\MSID9.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3315528086-514123159-2874609403-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(720)
c:\windows\system32\RACServerLogon2.dll
- - - - - - - > 'explorer.exe'(596)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\program files\ArcSoft\Software Suite\PhotoImpression\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2006\Binn\sqlservr.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\tcpsvcs.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Celkový čas: 2010-09-06 09:26:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-06 07:26
Před spuštěním: Volných bajtů: 13 262 446 592
Po spuštění: Volných bajtů: 13 130 428 416
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 116962D5D0B3E0337EAAF75A1B4821C8
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Nelze spustit žádný antivir
Pokud nemáte, přesuňte Combofix na plochu
- Otevřete si Poznámkový blok a zkopírujte do něj text z bílého okénka.
Kód: Vybrat vše
DirLook::
c:\program files\e
File::
c:\windows\S16442130.tmp
RegLock::
[HKEY_USERS\S-1-5-21-3315528086-514123159-2874609403-1004\Software\Microsoft\SystemCertificates\AddressBook*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
- Uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
- Po uložení uchopte vámi vytvořený skript levým myšítkem a přesuňte ho nad ikonu Combofixu, kde ho upustíte:
- Po aplikaci na Vás vypadne další log,vložte ho sem
Re: Nelze spustit žádný antivir
Ten log je hrozně dlouhý přes 320000 znaků. Tady je odkaz http://www.jagerbataillon.net/foto/log.txt kam jsem log.txt uložil.
Přispějete na provoz fóra?