Problem with the computer freezing

Marek-26 (Friend of the forum; Posts: 1000; Registered: 16 Dec 2006 15:53; Location: Brüx/Praha)

#16 Post by Marek-26 »

Copy the green text into Notepad, save it as oprava.reg, and then run it :wink:

Code:

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fccyvUKa]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{1ada5379-acc9-4305-92cf-674544c5e31e}"=-

Then click on T-Cleaner in my signature, download it, and run it :wink:
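
What a fix such as oprava.reg will change can be listed before it is merged. The Python code below is an added example, not part of the original post: it parses the .reg syntax used above (`[-key]` deletes a key, `"name"=-` deletes a value) and marks operations on autostart locations. The `LOAD_POINTS` list and all function names are assumptions chosen for illustration.

```python
"""List the operations a .reg file performs so they can be reviewed before import."""
import re
from dataclasses import dataclass

HEADERS = ("Windows Registry Editor Version 5.00", "REGEDIT4")

# The fix from post #16, reproduced inline as sample input.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fccyvUKa]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{1ada5379-acc9-4305-92cf-674544c5e31e}"=-
'''

# Autostart locations that appear on this page (assumed, short list; extend for real use).
LOAD_POINTS = (
    r"\Winlogon\Notify",
    r"\Explorer\ShellExecuteHooks",
    r"\CurrentVersion\Run",
)

# A value line is either @=... (default value) or "name"=...
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')


@dataclass(frozen=True)
class RegOp:
    action: str      # "delete-key", "delete-value" or "set-value"
    key: str
    name: str = ""   # value name; "@" is the key's default value
    data: str = ""   # raw data text, only for set-value


def parse_reg(text):
    """Parse .reg text into a list of RegOp, in file order."""
    raw = text.lstrip("\ufeff").splitlines()
    if not raw or raw[0].strip() not in HEADERS:
        raise ValueError("missing .reg header line")
    # Join hex data that is continued over several lines with a trailing backslash.
    logical, buf = [], ""
    for line in raw[1:]:
        line = line.strip()
        if line.endswith("\\"):
            buf += line[:-1]
            continue
        logical.append(buf + line)
        buf = ""
    if buf:
        logical.append(buf)

    ops, key = [], None
    for line in logical:
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            body = line[1:-1]
            if body.startswith("-"):              # [-KEY] removes the key and its subkeys
                ops.append(RegOp("delete-key", body[1:]))
                key = None                        # no values may follow a deleted key
            else:
                key = body
            continue
        m = VALUE_RE.match(line)
        if not m or key is None:
            raise ValueError(f"unexpected line: {line!r}")
        name = m.group(1)
        if name != "@":
            name = re.sub(r"\\(.)", r"\1", name[1:-1])   # undo \" and \\ escapes
        data = m.group(2).strip()
        if data == "-":                           # "name"=- removes one value
            ops.append(RegOp("delete-value", key, name))
        else:
            ops.append(RegOp("set-value", key, name, data))
    return ops


def touches_load_point(op):
    """True if the operation targets one of the autostart locations above."""
    key = op.key.lower()
    return any(p.lower() in key for p in LOAD_POINTS)


def summarise(ops):
    """One readable line per operation, deletions first."""
    order = {"delete-key": 0, "delete-value": 1, "set-value": 2}
    lines = []
    for op in sorted(ops, key=lambda o: order[o.action]):
        tag = "LOAD-POINT" if touches_load_point(op) else "other"
        target = op.key if op.action == "delete-key" else f"{op.key} -> {op.name}"
        lines.append(f"{op.action:12} [{tag}] {target}")
    return lines


if __name__ == "__main__":
    for entry in summarise(parse_reg(SAMPLE_REG)):
        print(entry)
```
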

berunka-b3 (Visitor; Posts: 27; Registered: 12 Sep 2010 13:12)

#17 Post by berunka-b3 »

All done. :worship:

#18 Post by berunka-b3 »

On your advice I uninstalled AVG and, following the guide here on the site, installed AVIRA ANTIVIR Personal + Zone Alarm Free, and Spyware Terminator on top of that. I'll try ComboFix one more time.

#19 Post by berunka-b3 »

So ComboFix still nothing, it restarted again and after booting it threw up the message "Činnost systému byla obnovena po závažné chybě" ("The system has recovered from a serious error") :( So I really don't know anymore :ninja:

#20 Post by Marek-26 »

berunka-b3 wrote: So ComboFix still nothing, it restarted again and after booting it threw up the message "Činnost systému byla obnovena po závažné chybě" ("The system has recovered from a serious error") :( So I really don't know anymore :ninja:

I'll try to send one of my colleagues over here to find out why the system crashes while CF is running :o

#21 Post by berunka-b3 »

Thank you for now. The computer is running fine now, but there is surely still something in there, since CF doesn't work the way it should. :?: Anyway, you have helped me an awful lot, thanks once again. :bye:

#22 Post by Marek-26 »

berunka-b3 wrote: Thank you for now. The computer is running fine now, but there is surely still something in there, since CF doesn't work the way it should. :?: Anyway, you have helped me an awful lot, thanks once again. :bye:

I think there won't be anything left in there :) But just to be sure :P

motji (VIP; Posts: 23302; Registered: 23 Oct 2008 08:02)

#23 Post by motji »

Good afternoon :)
Please look in the folder C:\WINDOWS\minidump to see whether there are any files in it. If so, put them into a zip or rar archive and attach them here, and I'll take a look :) .

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

- tick the "For all users" box.
- tick the boxes for the "LOP" check and the "Purity" check.
- click the Scan button.
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)

Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I am most likely to be reachable at night, between 9 and 11 p.m.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

#24 Post by berunka-b3 »

I'm attaching the file. Hopefully it's right :roll:
Attachment: Mini091510-01.zip (18.63 KiB), downloaded 35 times

#25 Post by motji »

It's right :) . I'll also ask my colleague Miliness to take a look at the minidump; it looks like ComboFix is conflicting with something there.

#26 Post by berunka-b3 »

Here I'm attaching the log from OTL

OTL logfile created on: 15.9.2010 15:53:06 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\Michal\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931,50 Gb Total Space | 332,14 Gb Free Space | 35,66% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MICHAL-XP
Current User Name: Michal
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.09.15 15:52:15 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michal\Plocha\OTL.exe
PRC - [2010.09.15 09:00:33 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010.09.15 09:00:33 | 002,176,512 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2010.09.15 09:00:33 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.09.07 02:10:44 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010.06.23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010.06.23 13:51:30 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010.06.09 19:16:35 | 000,116,104 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010.06.09 19:16:26 | 000,378,248 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2010.05.26 15:35:18 | 000,493,032 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2010.05.26 15:35:14 | 000,730,600 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2010.04.01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.01.14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.09.17 21:11:40 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009.09.17 21:11:38 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009.04.02 19:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009.03.31 10:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.12.03 14:51:30 | 002,181,672 | ---- | M] (Gainward Co.) -- C:\Program Files\EXPERTool\TBPANEL.exe
PRC - [2008.09.24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.07.24 18:46:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008.07.24 18:46:10 | 000,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2008.05.26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003.01.16 11:32:40 | 000,049,152 | ---- | M] (Ruling Tec Pte Ltd) -- C:\Program Files\VibrateGameDeviceDriver\rfpicon.exe


========== Modules (SafeList) ==========

MOD - [2010.09.15 15:52:15 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michal\Plocha\OTL.exe
MOD - [2010.05.26 15:35:24 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
MOD - [2009.07.12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009.07.12 02:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
MOD - [2008.04.14 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.09.15 09:00:33 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.06.23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010.06.09 19:16:35 | 000,116,104 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010.05.26 15:35:18 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2010.04.01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.02.24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.03.31 10:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.09.24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.24 18:46:10 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2008.04.07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Michal\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010.09.15 09:00:33 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.06.09 19:16:34 | 000,013,408 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\radpms.sys -- (radpms)
DRV - [2010.06.09 19:16:28 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010.05.26 15:35:10 | 000,026,352 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010.05.13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010.03.17 07:18:25 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.03.01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.02.16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.09.27 16:12:22 | 007,655,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009.05.11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.03.20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008.07.24 18:46:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008.07.24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008.05.02 10:58:14 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.05.02 10:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.04.14 14:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.01.03 22:10:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.12.11 14:30:08 | 000,030,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2007.10.12 16:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.09.17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.05.10 18:28:08 | 004,419,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.03.16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007.03.16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2005.09.26 15:47:46 | 000,008,576 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DynCal.sys -- (DynCal)
DRV - [2005.03.16 08:23:54 | 000,013,696 | R--- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BIOS.sys -- (BIOS)
DRV - [2005.02.09 11:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2003.02.06 13:43:24 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1482476501-839522115-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1482476501-839522115-682003330-1004\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1482476501-839522115-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "MyWebSearch"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {2224E955-00E9-4613-A844-CE69FCCAAE91}:3.4.0.4340
FF - prefs.js..extensions.enabledItems: dave2x@download:0.5.9
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redi ... searchfor="

FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010.09.14 20:29:21 | 000,000,000 | ---D | M]

[2009.07.16 13:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Extensions
[2010.09.13 21:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\my48ygpb.default\extensions
[2009.07.16 13:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\my48ygpb.default\extensions\dave2x@download
[2009.08.09 21:57:20 | 000,009,941 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\my48ygpb.default\searchplugins\mywebsearch.xml
[2009.08.22 21:13:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-1482476501-839522115-682003330-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\rfpicon.exe (Ruling Tec Pte Ltd)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-1482476501-839522115-682003330-1004..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-1482476501-839522115-682003330-1004..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe (Gainward Co.)
O4 - HKU\S-1-5-21-1482476501-839522115-682003330-1004..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-1482476501-839522115-682003330-1004..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Michal\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-839522115-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1482476501-839522115-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: &Download by Arles Download Manager - C:\Documents and Settings\Michal\Local Settings\Data aplikací\Ariel Download Manager\DownloadManager.htm ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resourc ... oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 0495031484 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.111.0.10 194.213.32.237
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - File not found
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Michal\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Michal\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

#27 Post by berunka-b3 »

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (66160230278365184)

========== Files/Folders - Created Within 30 Days ==========

[2010.09.15 15:52:15 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michal\Plocha\OTL.exe
[2010.09.15 13:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Macromedia
[2010.09.15 13:38:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Adobe
[2010.09.15 09:16:44 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.09.15 09:16:44 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.09.15 09:16:44 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.09.15 09:16:44 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.09.15 09:16:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.09.15 09:16:35 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010.09.15 09:16:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.09.15 09:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2010.09.15 09:00:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\Spyware Terminator
[2010.09.15 09:00:29 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2010.09.15 09:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.09.15 08:26:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
[2010.09.14 20:09:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Dokumenty\ForceField Shared Files
[2010.09.14 20:09:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\CheckPoint
[2010.09.14 20:09:11 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.09.14 20:09:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\Conduit
[2010.09.14 20:09:10 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm
[2010.09.14 20:09:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\ZoneAlarm
[2010.09.14 20:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2010.09.14 20:08:52 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2010.09.14 20:08:51 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2010.09.14 20:08:51 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2010.09.14 20:08:47 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2010.09.14 20:08:46 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2010.09.14 20:08:46 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2010.09.14 20:08:46 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2010.09.14 20:08:46 | 000,108,032 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2010.09.14 20:08:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2010.09.14 20:08:45 | 000,532,224 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2010.09.14 20:08:08 | 000,713,728 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2010.09.14 20:08:08 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2010.09.14 20:08:08 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2010.09.14 19:43:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010.09.14 19:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\Avira
[2010.09.14 18:58:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Avira
[2010.09.14 18:53:20 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010.09.14 18:53:19 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.09.14 18:53:19 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010.09.14 18:53:19 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010.09.14 18:53:19 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010.09.14 18:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010.09.14 18:53:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avira
[2010.09.13 19:40:37 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010.09.12 19:59:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\Malwarebytes
[2010.09.12 19:59:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.09.12 19:59:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.09.12 19:59:29 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.09.12 19:59:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.09.12 17:16:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.09.12 14:14:57 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.08 11:48:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2010.08.31 14:32:54 | 000,000,000 | ---D | C] -- C:\CDSM_Designer_Alba
[2010.08.31 14:29:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\M-Photo
[2010.08.31 14:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\CDSM
[2010.08.25 12:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.08.25 12:53:19 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.08.25 12:53:19 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.08.25 12:53:19 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.08.24 20:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.08.24 15:32:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\NwDocx
[2010.08.24 15:32:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\Docx2Rtf
[2010.08.24 15:29:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Dokumenty\ČÁST PRVNÍ
[2009.04.23 20:36:05 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Michal\Data aplikací\pcouffin.sys
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.09.15 15:52:15 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michal\Plocha\OTL.exe
[2010.09.15 15:21:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.15 14:21:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.15 09:39:36 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.09.15 09:24:12 | 000,253,748 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.09.15 09:23:19 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.15 09:23:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.15 09:16:07 | 003,845,016 | R--- | M] () -- C:\Documents and Settings\Michal\Plocha\ComboFix.exe
[2010.09.15 09:02:17 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Spyware Terminator.lnk
[2010.09.15 09:00:33 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.09.15 08:36:41 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\Michal\NTUSER.DAT
[2010.09.15 08:18:40 | 000,000,268 | ---- | M] () -- C:\Documents and Settings\Michal\Plocha\oprava.reg
[2010.09.15 07:19:30 | 000,421,443 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.09.14 20:31:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.14 20:08:53 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Michal\Plocha\ZoneAlarm Security.lnk
[2010.09.14 20:05:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.09.14 18:53:30 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Avira AntiVir Control Center.lnk
[2010.09.14 18:00:01 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2010.09.14 08:03:19 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.09.13 20:53:02 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.13 20:06:57 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Michal\ntuser.ini
[2010.09.12 19:59:33 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.09.12 17:16:26 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010.09.11 17:16:51 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.09.11 10:11:54 | 000,001,487 | ---- | M] () -- C:\Documents and Settings\Michal\Plocha\ICQ7.2.lnk
[2010.09.09 15:33:02 | 000,091,808 | ---- | M] () -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.09.09 13:46:48 | 019,657,194 | ---- | M] () -- C:\Documents and Settings\Michal\Dokumenty\vlc-1.1.4-win32.exe
[2010.09.09 07:13:22 | 000,138,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.09.08 12:32:51 | 000,328,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.01 16:54:17 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Michal\Plocha\prvoobjednavka- formular bez koo.xls
[2010.08.31 14:22:27 | 022,558,023 | ---- | M] () -- C:\WINDOWS\System32\CDSM_CDSM Designer_uninstaller.exe
[2010.08.25 12:49:21 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.08.24 15:39:23 | 000,244,938 | ---- | M] () -- C:\Documents and Settings\Michal\Dokumenty\ČÁST PRVNÍ.pdf
[2010.08.24 14:56:41 | 000,014,002 | ---- | M] () -- C:\Documents and Settings\Michal\Dokumenty\ČÁST PRVNÍ.docx
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.09.15 09:16:44 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.09.15 09:16:44 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.09.15 09:16:44 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.09.15 09:16:44 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.09.15 09:16:44 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.09.15 09:16:00 | 003,845,016 | R--- | C] () -- C:\Documents and Settings\Michal\Plocha\ComboFix.exe
[2010.09.15 09:02:17 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Spyware Terminator.lnk
[2010.09.15 09:00:33 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.09.15 08:18:40 | 000,000,268 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\oprava.reg
[2010.09.14 20:08:53 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\ZoneAlarm Security.lnk
[2010.09.14 20:08:45 | 000,421,443 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.09.14 18:53:30 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Avira AntiVir Control Center.lnk
[2010.09.12 19:59:33 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.09.12 17:16:26 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.09.12 17:16:23 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.09.11 10:11:54 | 000,001,487 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\ICQ7.2.lnk
[2010.09.09 13:45:54 | 019,657,194 | ---- | C] () -- C:\Documents and Settings\Michal\Dokumenty\vlc-1.1.4-win32.exe
[2010.09.01 16:54:17 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\prvoobjednavka- formular bez koo.xls
[2010.08.31 14:22:27 | 022,558,023 | ---- | C] () -- C:\WINDOWS\System32\CDSM_CDSM Designer_uninstaller.exe
[2010.08.24 15:39:22 | 000,244,938 | ---- | C] () -- C:\Documents and Settings\Michal\Dokumenty\ČÁST PRVNÍ.pdf
[2010.08.24 14:39:46 | 000,014,002 | ---- | C] () -- C:\Documents and Settings\Michal\Dokumenty\ČÁST PRVNÍ.docx
[2010.07.09 19:47:31 | 000,000,031 | ---- | C] () -- C:\WINDOWS\Config.ini
[2010.05.02 17:12:51 | 000,077,343 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\mdbu.bin
[2010.02.01 19:41:26 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.02.01 19:41:26 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.02.01 19:41:18 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\$_hpcst$.hpc
[2010.01.24 15:02:21 | 000,001,196 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2009.07.15 11:52:07 | 000,004,123 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.06.27 17:26:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2009.06.25 13:44:50 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2009.06.23 16:27:28 | 000,002,148 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.06.23 16:27:20 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2009.06.10 11:57:46 | 000,000,878 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.05.25 16:37:44 | 000,000,029 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\default.rss
[2009.05.25 16:37:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\downloads.m3u
[2009.05.25 15:09:43 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.05.16 14:39:49 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009.05.16 12:03:59 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.05.13 14:44:29 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.04.23 20:36:23 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\vso_ts_preview.xml
[2009.04.23 20:36:07 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\pcouffin.log
[2009.04.23 20:36:05 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\inst.exe
[2009.04.23 20:36:05 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\pcouffin.cat
[2009.04.23 20:36:05 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\pcouffin.inf
[2009.04.23 15:43:37 | 000,169,984 | ---- | C] () -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008.12.03 09:39:45 | 000,007,237 | ---- | C] () -- C:\WINDOWS\cadx2.ini
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008.05.26 22:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 22:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 22:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007.10.25 18:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007.08.06 11:07:30 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001.07.07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2010.09.14 19:59:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2010.09.14 20:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2010.03.17 07:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.06.29 13:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DriverCure
[2010.05.02 15:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HappyFoto
[2009.09.05 20:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2009.04.23 19:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
[2010.08.31 14:29:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\M-Photo
[2009.08.03 18:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\page
[2009.06.29 12:48:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
[2010.02.01 19:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.01.24 15:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.01.24 15:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio
[2009.08.05 15:24:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SmartSound Software Inc
[2010.09.15 09:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.07.18 10:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Total Gameplay
[2009.09.25 09:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2009.07.04 14:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2009.08.23 20:31:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{F14A989E-0102-460B-ADB5-BC208314A307}
[2009.08.26 15:38:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{FB94CE54-2703-4BFF-8E94-A0AD14C0FA22}
[2010.08.02 16:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\Windows Desktop Search
[2009.08.03 19:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Ashampoo
[2009.09.13 08:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Cashfiesta
[2010.09.14 20:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\CheckPoint
[2009.08.05 10:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\CopyToDvd
[2009.04.23 18:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools
[2009.05.23 14:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools Lite
[2009.04.23 18:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools Pro
[2010.08.24 15:33:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Docx2Rtf
[2009.06.29 12:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DriverCure
[2009.12.17 10:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\gtk-2.0
[2010.05.02 15:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Happy Foto
[2010.09.05 19:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\ICQ
[2009.12.12 09:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Image Zone Express
[2009.05.25 15:03:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\InterTrust
[2009.05.26 10:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Kingston
[2009.09.05 20:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\LangSoft
[2009.05.16 11:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Leadertech
[2009.10.10 13:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\mojosoft
[2010.08.24 15:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\NwDocx
[2009.12.15 18:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\OpenOffice.org
[2009.08.22 21:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Opera
[2010.02.01 19:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\PC Suite
[2009.08.05 11:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Pegasys Inc
[2010.02.01 19:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Samsung
[2010.09.15 09:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Spyware Terminator
[2009.08.05 12:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Ulead Systems
[2009.10.13 13:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\VitySoft
[2010.05.06 12:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Vso
[2010.05.20 17:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Windows Desktop Search
[2010.05.20 17:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Windows Search
[2010.07.05 19:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Zoner
[2010.09.14 20:05:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010.09.14 18:00:01 | 000,000,444 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2010.03.28 01:33:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"GAINWARD" = C:\Program Files\EXPERTool\TBPanel.exe /A -- [2008.12.03 14:51:30 | 002,181,672 | ---- | M] (Gainward Co.)
"OEXPRESS" =
"AutoStartNPSAgent" = C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe -- [2009.04.02 19:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.)
"SpywareTerminatorUpdate" = "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" -- [2010.09.15 09:00:33 | 003,037,696 | ---- | M] (Crawler.com)

< c:\windows\*.* /U >
[6 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2009.05.25 15:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.05.16 11:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Adobe
[2009.08.03 19:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Ashampoo
[2010.09.14 19:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Avira
[2009.09.13 08:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Cashfiesta
[2010.09.14 20:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\CheckPoint
[2009.08.05 10:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\CopyToDvd
[2009.04.23 18:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools
[2009.05.23 14:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools Lite
[2009.04.23 18:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools Pro
[2010.03.15 22:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DivX
[2010.08.24 15:33:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Docx2Rtf
[2009.06.29 12:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DriverCure
[2010.09.11 09:04:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\dvdcss
[2010.01.27 10:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Google
[2009.12.17 10:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\gtk-2.0
[2010.05.02 15:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Happy Foto
[2009.07.08 07:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Help
[2009.06.25 13:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\HP
[2010.06.27 19:59:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\HpUpdate
[2010.09.05 19:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\ICQ
[2009.04.22 15:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Identities
[2009.12.12 09:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Image Zone Express
[2009.04.22 15:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\InstallShield
[2009.05.25 15:03:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\InterTrust
[2009.05.26 10:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Kingston
[2009.09.05 20:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\LangSoft
[2009.05.16 11:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Leadertech
[2009.05.06 16:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Macromedia
[2010.09.12 19:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Malwarebytes
[2010.07.05 20:41:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Michal\Data aplikací\Microsoft
[2009.10.10 13:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\mojosoft
[2009.07.16 13:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Mozilla
[2009.06.25 14:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Nero
[2010.08.24 15:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\NwDocx
[2009.12.15 18:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\OpenOffice.org
[2009.08.22 21:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Opera
[2010.02.01 19:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\PC Suite
[2009.08.05 11:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Pegasys Inc
[2010.02.01 19:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Samsung
[2009.04.23 22:41:27 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Michal\Data aplikací\SecuROM
[2010.09.14 19:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Skype
[2010.09.14 16:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\skypePM
[2010.09.15 09:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Spyware Terminator
[2009.08.21 18:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Sun
[2009.08.05 12:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Ulead Systems
[2009.10.13 13:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\VitySoft
[2010.09.14 13:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\vlc
[2010.05.06 12:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Vso
[2010.05.20 17:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Windows Desktop Search
[2010.05.20 17:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Windows Search
[2009.04.23 19:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\WinRAR
[2010.07.05 19:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2009.04.23 20:36:05 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\inst.exe
[2008.09.19 01:19:30 | 000,937,465 | ---- | M] ( ) -- C:\Documents and Settings\Michal\Data aplikací\Kingston\SecureTraveler.exe
[2008.09.18 15:32:22 | 001,839,104 | -H-- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Kingston\SecureTravelerA.exe
[2008.09.19 01:05:36 | 003,231,744 | -H-- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Kingston\SecureTravelerB.exe
[2008.07.18 13:31:28 | 000,143,360 | ---- | M] (Kingston) -- C:\Documents and Settings\Michal\Data aplikací\Kingston\SecureTravelerDaemon.exe
[2008.09.18 15:32:22 | 001,839,104 | -H-- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Kingston\tmp\SecureTravelerA.exe
[2008.09.19 01:05:36 | 003,231,744 | -H-- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Kingston\tmp\SecureTravelerB.exe
[2008.07.18 13:31:28 | 000,143,360 | ---- | M] (Kingston) -- C:\Documents and Settings\Michal\Data aplikací\Kingston\tmp\SecureTravelerDaemon.exe
[2010.05.23 12:20:56 | 007,538,688 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Documents and Settings\Michal\Data aplikací\Samsung\New PC Studio\LiveUpdate\Setup_For_Full_Update_IH2_7.exe


< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 14:00:00 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.04.22 23:11:15 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.04.22 23:11:15 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.04.22 23:11:15 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 14:00:00 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.09.15 09:00:33 | 000,142,592 | ---- | M] () -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys

< %systemroot%\system32\*.* /3 >
[2010.09.14 20:29:16 | 035,552,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2010.09.15 09:24:12 | 000,253,748 | ---- | M] () -- C:\WINDOWS\system32\NvApps.xml
[2010.09.15 07:19:30 | 000,421,443 | ---- | M] () -- C:\WINDOWS\system32\vsconfig.xml
[2010.09.13 20:53:02 | 000,002,422 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2010.09.15 09:39:36 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\system32\zllictbl.dat
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Michal\Plocha\Zobrazit plochu.scf:SummaryInformation
< End of report >

berunka-b3
Visitor
Posts: 27
Registered: 12 Sep 2010 13:12

Re: problem with the computer freezing

#28 Post by berunka-b3 »

Here is the log from Extras

OTL Extras logfile created on: 15.9.2010 15:53:06 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\Michal\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931,50 Gb Total Space | 332,14 Gb Free Space | 35,66% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MICHAL-XP
Current User Name: Michal
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Codemasters\DiRT\DiRT.exe" = C:\Program Files\Codemasters\DiRT\DiRT.exe:*:Enabled:DiRT Executable -- (Codemasters)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- File not found
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- File not found
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\FlatOut2\FlatOut2.exe" = C:\Program Files\FlatOut2\FlatOut2.exe:*:Enabled:FlatOut2 -- ()
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe" = C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager -- File not found
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio -- File not found
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe" = C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile -- File not found
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe" = C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi -- File not found
"C:\Documents and Settings\Michal\Plocha\npsasvr.exe" = C:\Documents and Settings\Michal\Plocha\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- File not found
"C:\Documents and Settings\Michal\Plocha\npsvsvr.exe" = C:\Documents and Settings\Michal\Plocha\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- File not found
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- File not found
"C:\Program Files\SRS - Street Racing Syndicate\Bin\SRS.exe" = C:\Program Files\SRS - Street Racing Syndicate\Bin\SRS.exe:*:Disabled:SRS -- ()
"C:\Program Files\F1 Challenge 2007\F1Challenge2007.exe" = C:\Program Files\F1 Challenge 2007\F1Challenge2007.exe:*:Enabled:F1 Challenge 99-02 -- (Image Space Incorporated)
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{18E65799-76BD-46EF-9E53-972FE5A40736}" = Opera 10.62
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 21
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5E835305-63BB-4E55-BBB7-EEBBE67774DB}" = MyDVD
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.1.3.40
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F831576-6246-42C7-B523-55B3F96509CC}" = LogMeIn
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88BFE745-3D1F-4B80-8C40-E626E5A8E613}" = Samsung S5230 Wallpaper Creator
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90850405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9DAF5ED3-20C3-47B5-8CE0-CF82D4BE7AAD}" = OpenOffice.org 3.1
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{B7A9E601-0E82-11D5-AE91-444553540000}" = DVD-MovieAlbumSE 3
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DBB7F606-0C13-4182-AD7F-427A4773580E}" = VibrateGameDeviceDriver
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F86B4C7B-B846-4039-878D-6CC8F8D3370E}_is1" = SRS - Street Racing Syndicate
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{Tučňáci}_is1" = Tučňáci 1.0
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Balíček ovladače systému Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Balíček ovladače systému Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"EXPERTool_is1" = EXPERTool 7.0
"Framing Station" = Framing Station
"HF_ASISTENT" = Happy Foto HF Asistent (Jen odstranit)
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Imikimi Plugin" = Imikimi Plugin
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Photo Frame Studio_is1" = Photo Frame Studio 2.2
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SeriousSam2" = Serious Sam 2
"Spyware Terminator_is1" = Spyware Terminator
"Totalcmd" = Total Commander (Remove or Repair)
"Traktor Simulátor_is1" = Traktor Simulátor
"Veselá kuřata" = Veselá kuřata
"VLC media player" = VLC media player 1.0.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1482476501-839522115-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12.9.2010 14:06:05 | Computer Name = MICHAL-XP | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mbam.exe, verze 1.46.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.9.2010 14:06:07 | Computer Name = MICHAL-XP | Source = Application Hang | ID = 1001
Description = Chybný blok 1836621447

Error - 12.9.2010 14:06:17 | Computer Name = MICHAL-XP | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mbam.exe, verze 1.46.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.9.2010 14:06:43 | Computer Name = MICHAL-XP | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mbam.exe, verze 1.46.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.9.2010 14:06:54 | Computer Name = MICHAL-XP | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mbam.exe, verze 1.46.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.9.2010 14:06:58 | Computer Name = MICHAL-XP | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mbam.exe, verze 1.46.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.9.2010 11:07:25 | Computer Name = MICHAL-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace hpwucli.exe, verze 5.0.12.1, chybující modul hpwucli.exe,
verze 5.0.12.1, adresa chyby 0x00009cff.

Error - 14.9.2010 11:51:20 | Computer Name = MICHAL-XP | Source = Application Error | ID = 1001
Description = Chybný blok 1931328735

Error - 14.9.2010 12:53:53 | Computer Name = MICHAL-XP | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 14.9.2010 12:53:53 | Computer Name = MICHAL-XP | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


[ System Events ]
Error - 14.9.2010 14:30:51 | Computer Name = MICHAL-XP | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.

Error - 14.9.2010 14:30:51 | Computer Name = MICHAL-XP | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 14.9.2010 14:31:38 | Computer Name = MICHAL-XP | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 14.9.2010 14:31:39 | Computer Name = MICHAL-XP | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.

Error - 14.9.2010 14:31:39 | Computer Name = MICHAL-XP | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 15.9.2010 1:19:01 | Computer Name = MICHAL-XP | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 15.9.2010 2:38:06 | Computer Name = MICHAL-XP | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 15.9.2010 3:23:38 | Computer Name = MICHAL-XP | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 15.9.2010 3:25:14 | Computer Name = MICHAL-XP | Source = System Error | ID = 1003
Description = Kód chyby 00000019, parametr1 00000020, parametr2 8942a000, parametr3
8942a418, parametr4 1a830000.

Error - 15.9.2010 7:34:10 | Computer Name = MICHAL-XP | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.


< End of report >

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: problem with computer freezing

#29 Post by motji »

:arrow: Test on www.virustotal.com

C:\WINDOWS\System32\CDSM_CDSM Designer_uninstaller.exe
C:\Documents and Settings\Michal\Data aplikací\mdbu.bin
C:\WINDOWS\system32\comsvcs.dll
- Copy the file path into the box; if it says the file has already been tested, have it tested again.
- Paste the link to the results here.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly available at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

berunka-b3
Visitor
Posts: 27
Joined: 12 Sep 2010 13:12

Re: problem with computer freezing

#30 Post by berunka-b3 »

Here is the first link for C:\WINDOWS\system32\comsvcs.dll:

http://www.virustotal.com/file-scan/rep ... 1284564110
