
Log check after trojan removal

Venca B.
Visitor
Posts: 257
Registered: 04 Dec 2005 00:30

#1 Post by Venca B. »

I had 2 trojans on my PC, which Spyware Terminator deleted. One of them only after a restart.
The PC kept trying to connect to the internet, but Avast was blocking it.
Please check the log now. Thank you.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Venda at 2010-09-21 17:10:21
Microsoft Windows 7 Home Premium
System drive C: has 5 GB (18%) free of 30 GB
Total RAM: 4061 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:10:44, on 21.9.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Users\Venda\AppData\Local\Temp\Dkw.exe
C:\Users\Venda\AppData\Local\Temp\Dkx.exe
D:\programy\systemove_programy\Spyware Terminator\SpywareTerminatorUpdate.exe
D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqtra08.exe
D:\programy\systemove_programy\Avast\prog_Avast\ashDisp.exe
D:\programy\audio_programy\Winamp\winampa.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\programy\HP_ALL-in-one-series\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqSTE08.exe
D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqbam08.exe
D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqgpc01.exe
D:\programy\audio_programy\Winamp\winamp.exe
D:\programy\uTorrent\uTorrent.exe
D:\programy\systemove_programy\totalcmd\prog_tcmd\TOTALCMD.EXE
D:\programy\PDF\program\Transformer.exe
D:\programy\systemove_programy\mozilla_firefox\prog_mozilafirefox\firefox.exe
D:\programy\HP_ALL-in-one-series\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Program Files\trend micro\Venda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\programy\HP_ALL-in-one-series\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\programy\HP_ALL-in-one-series\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [avast!] "D:\programy\systemove_programy\Avast\prog_Avast\ashDisp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\programy\AdobeReader\prog_AdobeReader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "D:\programy\DELL\DellWebcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [WinampAgent] D:\programy\audio_programy\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\programy\QuickTime\prog_QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [OM_Monitor] D:\programy\OLYMPUS\OlympusMaster\FirstStart.exe
O4 - HKLM\..\Run: [hpqSRMon] D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] D:\programy\HP_ALL-in-one-series\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKCU\..\Run: [DriverMax_RESTART] "D:\programy\systemove_programy\DriverMax\prog_DriverMax\devices.exe" -RESTART
O4 - HKCU\..\Run: [OM_Monitor] D:\programy\OLYMPUS\OlympusMaster\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ASH24SXZ9S] C:\Users\Venda\AppData\Local\Temp\Dkx.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "D:\programy\systemove_programy\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\programy\ICQ\prog_ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\programy\ICQ\prog_ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\programy\HP_ALL-in-one-series\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.euro.dell.com/systemprof ... emLite.CAB
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Aktivace aplikace ABBYY PDF Transformer 3.0 – Licenční služba (ABBYY.Licensing.PDFTransformer.Classic.3.0) - ABBYY - D:\programy\PDF\program\NetworkLicenseServer.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\programy\systemove_programy\Avast\prog_Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\programy\systemove_programy\Avast\prog_Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\programy\systemove_programy\Avast\prog_Avast\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\programy\systemove_programy\Avast\prog_Avast\ashWebSv.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\programy\systemove_programy\firewall\Comodo\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Xacti LLC - D:\programy\systemove_programy\Spyware Terminator\sp_rsser.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12086 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"D:\programy\systemove_programy\firewall\Comodo\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"D:\programy\systemove_programy\Avast\prog_Avast\aswUpdSv.exe"
"D:\programy\systemove_programy\Avast\prog_Avast\ashServ.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
D:\programy\PDF\program\NetworkLicenseServer.exe -service
"D:\programy\systemove_programy\firewall\Comodo\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\Dell\QuickSet\quickset.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
taskeng.exe {BD3A72B1-50D8-41ED-85FD-93C3386EC330}
C:\Users\Venda\AppData\Local\Temp\Dkw.exe
C:\Users\Venda\AppData\Local\Temp\Dkx.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
"D:\programy\systemove_programy\Spyware Terminator\SpywareTerminatorUpdate.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqtra08.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"D:\programy\systemove_programy\Avast\prog_Avast\ashDisp.exe"
"D:\programy\systemove_programy\Spyware Terminator\sp_rsser.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\SearchIndexer.exe /Embedding
"D:\programy\systemove_programy\Avast\prog_Avast\ashWebSv.exe" /service
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"D:\programy\systemove_programy\Avast\prog_Avast\ashMaiSv.exe" /service
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"D:\programy\audio_programy\Winamp\winampa.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"D:\programy\HP_ALL-in-one-series\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe" /watchfiles startup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C3100 series#1283169369" -Startup
"D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqbam08.exe" -Embedding
"D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"D:\programy\audio_programy\Winamp\winamp.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"D:\programy\uTorrent\uTorrent.exe" "C:\Users\Venda\AppData\Local\Temp\[CzT]ABBYY_PDF_Transformer_3_0.torrent"
"D:\programy\systemove_programy\totalcmd\prog_tcmd\TOTALCMD.EXE"
"D:\programy\PDF\program\Transformer.exe"
"D:\programy\systemove_programy\mozilla_firefox\prog_mozilafirefox\firefox.exe"
"D:\programy\HP_ALL-in-one-series\Digital Imaging\smart web printing\hpswp_clipbook.exe" -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Users\Venda\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - D:\programy\HP_ALL-in-one-series\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-09-20 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - D:\programy\HP_ALL-in-one-series\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-09-20 520192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=D:\programy\systemove_programy\firewall\Comodo\COMODO\COMODO Internet Security\cfp.exe [2010-06-03 8074184]
"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2009-07-02 3180624]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-24 1822504]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-02-26 487424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DriverMax_RESTART"=D:\programy\systemove_programy\DriverMax\prog_DriverMax\devices.exe [2010-03-07 9220000]
"ABBYY Screenshot Reader Bonus"= []
"OM_Monitor"=D:\programy\OLYMPUS\OlympusMaster\Monitor.exe [2006-05-16 57344]
""= []
"OEXPRESS"= []
"WEBTRAN"= []
"ASH24SXZ9S"=C:\Users\Venda\AppData\Local\Temp\Dkx.exe [2010-09-21 222208]
"SpywareTerminatorUpdate"=D:\programy\systemove_programy\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-09-21 3037696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
D:\programy\Alcohol 120\AxAutoMntSrv.exe -automount []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
D:\programy\Nokia_program\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast!"=D:\programy\systemove_programy\Avast\prog_Avast\ashDisp.exe [2009-11-25 81000]
"Adobe Reader Speed Launcher"=D:\programy\AdobeReader\prog_AdobeReader\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"Dell Webcam Central"=D:\programy\DELL\DellWebcam\Dell Webcam Central\WebcamDell.exe [2008-11-11 442536]
"WinampAgent"=D:\programy\audio_programy\Winamp\winampa.exe [2010-01-12 37888]
"QuickTime Task"=D:\programy\QuickTime\prog_QuickTime\QTTask.exe [2010-03-17 421888]
"PDVDDXSrv"=C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2010-01-07 140520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"OM_Monitor"=D:\programy\OLYMPUS\OlympusMaster\FirstStart.exe [2006-05-16 40960]
"hpqSRMon"=D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=D:\programy\HP_ALL-in-one-series\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-21 17:10:29 ----D---- C:\Program Files\trend micro
2010-09-21 16:02:48 ----D---- C:\Users\Venda\AppData\Roaming\Spyware Terminator
2010-09-21 16:02:46 ----D---- C:\ProgramData\Spyware Terminator
2010-09-20 23:26:05 ----A---- C:\Windows\TRNCOM.INI
2010-09-20 23:22:56 ----D---- C:\ProgramData\LangSoft
2010-09-20 23:16:28 ----D---- C:\Users\Venda\AppData\Roaming\LangSoft
2010-09-15 20:57:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-09-15 20:57:32 ----A---- C:\Windows\system32\iertutil.dll
2010-09-15 18:50:25 ----A---- C:\test.txt
2010-09-15 18:50:09 ----D---- C:\Temp
2010-09-15 16:20:49 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-10 22:36:52 ----A---- C:\Windows\SYSWOW64\Oemdspif.dll
2010-09-10 22:36:52 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2010-09-10 22:36:51 ----A---- C:\Windows\system32\atiumd6a.dll
2010-09-10 22:36:50 ----A---- C:\Windows\SYSWOW64\atipdlxx.dll
2010-09-10 22:36:50 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2010-09-10 22:36:50 ----A---- C:\Windows\system32\atiumd64.dll
2010-09-10 22:36:50 ----A---- C:\Windows\system32\atiu9p64.dll
2010-09-10 22:36:50 ----A---- C:\Windows\system32\atitmm64.dll
2010-09-10 22:36:50 ----A---- C:\Windows\system32\atipdl64.dll
2010-09-10 22:36:48 ----A---- C:\Windows\system32\atio6axx.dll
2010-09-10 22:36:46 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2010-09-10 22:36:46 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2010-09-10 22:36:46 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2010-09-10 22:36:46 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2010-09-10 22:36:46 ----A---- C:\Windows\system32\atimuixx.dll
2010-09-10 22:36:46 ----A---- C:\Windows\system32\atimpc64.dll
2010-09-10 22:36:46 ----A---- C:\Windows\system32\amdpcom64.dll
2010-09-10 22:36:45 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2010-09-10 22:36:45 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2010-09-10 22:36:45 ----A---- C:\Windows\system32\atiglpxx.dll
2010-09-10 22:36:45 ----A---- C:\Windows\system32\atig6txx.dll
2010-09-10 22:36:45 ----A---- C:\Windows\system32\atig6pxx.dll
2010-09-10 22:36:44 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2010-09-10 22:36:44 ----A---- C:\Windows\system32\atiedu64.dll
2010-09-10 22:36:43 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2010-09-10 22:36:43 ----A---- C:\Windows\system32\ATIDEMGX.dll
2010-09-10 22:36:43 ----A---- C:\Windows\system32\aticalrt64.dll
2010-09-10 22:36:43 ----A---- C:\Windows\system32\aticaldd64.dll
2010-09-10 22:36:42 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2010-09-10 22:36:42 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2010-09-10 22:36:42 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2010-09-10 22:36:42 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2010-09-10 22:36:42 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2010-09-10 22:36:42 ----A---- C:\Windows\system32\aticalcl64.dll
2010-09-10 22:36:42 ----A---- C:\Windows\system32\atiapfxx.exe
2010-09-10 02:28:44 ----A---- C:\Windows\SYSWOW64\LWCtPl.dll
2010-09-10 02:28:41 ----A---- C:\Windows\SYSWOW64\WMWizard.dll
2010-09-10 02:28:41 ----A---- C:\Windows\SYSWOW64\WmJoyFrc.dll
2010-09-10 02:28:41 ----A---- C:\Windows\SYSWOW64\W9XdInst.dll
2010-09-10 02:28:41 ----A---- C:\Windows\SYSWOW64\W9xDAPI.dll
2010-09-10 02:28:41 ----A---- C:\Windows\SYSWOW64\LFLoad.sys
2010-09-10 02:28:41 ----A---- C:\Windows\SYSWOW64\drivers\LUsbSys.sys
2010-09-10 02:28:41 ----A---- C:\Windows\SYSWOW64\drivers\LHidLo.sys
2010-09-10 02:28:41 ----A---- C:\Windows\SYSWOW64\drivers\LHidHi.sys
2010-09-10 02:28:41 ----A---- C:\Windows\SYSWOW64\drivers\ihidfilt.sys
2010-09-09 21:17:04 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-09-09 13:37:42 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2010-08-31 11:43:40 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2010-08-31 11:43:40 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2010-08-31 11:43:32 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2010-08-31 11:30:17 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2010-08-30 13:58:31 ----D---- C:\Users\Venda\AppData\Roaming\HP
2010-08-30 13:58:31 ----D---- C:\ProgramData\WEBREG
2010-08-30 13:52:24 ----D---- C:\ProgramData\HP Product Assistant
2010-08-30 13:52:09 ----D---- C:\Windows\SYSWOW64\spool
2010-08-30 13:50:18 ----D---- C:\Program Files (x86)\HP
2010-08-30 13:50:17 ----HD---- C:\Config.Msi
2010-08-30 13:33:48 ----A---- C:\Windows\system32\hpzids40.dll
2010-08-30 12:57:03 ----D---- C:\Users\Venda\AppData\Roaming\OLYMPUS
2010-08-30 12:55:56 ----D---- C:\Windows\SYSWOW64\QuickTime
2010-08-30 12:22:57 ----D---- C:\ProgramData\HP
2010-08-24 19:33:26 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-08-24 19:33:26 ----A---- C:\Windows\system32\oleaut32.dll

======List of files/folders modified in the last 1 months======

2010-09-21 17:10:41 ----D---- C:\Windows\Temp
2010-09-21 17:10:29 ----RD---- C:\Program Files
2010-09-21 17:10:16 ----D---- C:\Users\Venda\AppData\Roaming\uTorrent
2010-09-21 17:04:37 ----D---- C:\Windows\Prefetch
2010-09-21 16:59:02 ----D---- C:\Windows\system32\config
2010-09-21 16:44:29 ----D---- C:\Windows\Tasks
2010-09-21 16:44:12 ----D---- C:\Windows
2010-09-21 16:42:52 ----D---- C:\Users\Venda\AppData\Roaming\ICQ
2010-09-21 16:42:37 ----D---- C:\Windows\SysWOW64
2010-09-21 16:42:33 ----SHD---- C:\System Volume Information
2010-09-21 16:03:12 ----D---- C:\Windows\system32\drivers
2010-09-21 16:02:46 ----HD---- C:\ProgramData
2010-09-21 15:46:42 ----D---- C:\Windows\debug
2010-09-21 15:45:06 ----D---- C:\ProgramData\ABBYY
2010-09-21 15:43:13 ----D---- C:\Windows\system32\Tasks
2010-09-20 22:19:40 ----D---- C:\Windows\System32
2010-09-20 22:19:40 ----D---- C:\Windows\inf
2010-09-20 22:19:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-18 00:14:01 ----D---- C:\Users\Venda\AppData\Roaming\vlc
2010-09-16 00:05:07 ----D---- C:\Windows\winsxs
2010-09-15 21:01:44 ----SHD---- C:\Windows\Installer
2010-09-15 21:01:42 ----D---- C:\ProgramData\Microsoft Help
2010-09-15 20:58:06 ----A---- C:\Windows\system32\MRT.exe
2010-09-15 20:57:36 ----D---- C:\Windows\system32\catroot
2010-09-15 18:33:03 ----D---- C:\ProgramData\Apple Computer
2010-09-15 16:20:09 ----D---- C:\Windows\system32\catroot2
2010-09-14 12:45:08 ----D---- C:\Windows\system32\NDF
2010-09-10 23:21:15 ----RSD---- C:\Windows\assembly
2010-09-10 22:37:10 ----D---- C:\Windows\system32\DriverStore
2010-09-10 02:28:41 ----D---- C:\Windows\SYSWOW64\drivers
2010-09-10 02:28:39 ----D---- C:\Program Files (x86)\Common Files
2010-09-10 02:28:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-09-09 21:17:04 ----RD---- C:\Program Files (x86)
2010-09-09 13:37:47 ----DC---- C:\Windows\system32\DRVSTORE
2010-09-08 19:45:18 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-09-06 17:16:39 ----D---- C:\Windows\Downloaded Program Files
2010-09-06 00:58:36 ----D---- C:\Users\Venda\AppData\Roaming\dvdcss
2010-08-30 13:56:09 ----A---- C:\Windows\win.ini
2010-08-30 13:54:56 ----D---- C:\Windows\twain_32
2010-08-30 13:52:28 ----RSD---- C:\Windows\Fonts
2010-08-25 12:26:04 ----D---- C:\Windows\AppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-06-08 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-16 828912]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 27216]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 89680]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 53840]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-06-10 236112]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-06-03 33208]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-06-03 85208]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2010/07/10 00:49:12]; \??\C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [2010-01-07 146928]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 22096]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 65616]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2010-07-07 50696]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-03 7451648]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-03 268288]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-07-15 116240]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2008-10-28 160704]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-15 384552]
R3 netw5v64;Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2010-06-01 7533568]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-02-26 505856]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-24 285744]
S0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys []
S3 ao6gf9mw;ao6gf9mw; C:\Windows\system32\drivers\ao6gf9mw.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-03 7451648]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 NETw5s64;Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-04-08 7680512]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2010-02-26 12288]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-02-26 173056]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S4 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-04-04 65536]
S4 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-02-23 7168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.PDFTransformer.Classic.3.0;Aktivace aplikace ABBYY PDF Transformer 3.0 – Licenční služba; D:\programy\PDF\program\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-03 203264]
R2 aswUpdSv;avast! iAVS4 Control Service; D:\programy\systemove_programy\Avast\prog_Avast\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\programy\systemove_programy\Avast\prog_Avast\ashServ.exe [2009-11-25 138680]
R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-12 148744]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\programy\systemove_programy\firewall\Comodo\COMODO\COMODO Internet Security\cmdagent.exe [2010-06-03 2348600]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\programy\systemove_programy\Spyware Terminator\sp_rsser.exe [2010-09-21 1033255]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [2010-02-26 244736]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\programy\systemove_programy\Avast\prog_Avast\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\programy\systemove_programy\Avast\prog_Avast\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-17 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-20 1255736]

-----------------EOF-----------------
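A triage sketch for the driver list in the log above, added here as an example; it is not part of the original post or of RSIT. It parses each entry using the legend RSIT prints (R/S state, 0-4 start type) and flags entries worth a manual look. It assumes empty brackets mean RSIT could not read the file's date and size; the flag names and the last sample line are constructed.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Legend printed by RSIT in the section header.
STATE = {"R": "Running", "S": "Stopped"}
START = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}

# <state><start> <name>;<display name>; <image path> [<date> <size>]
# The display name may itself contain ';' or '[...]', so it is matched greedily
# and the image path is whatever follows the last semicolon.
ENTRY_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4])\s+"
    r"(?P<name>[^;]+);(?P<display>.*);\s*"
    r"(?P<path>.*?)\s*\[(?P<meta>[^\]]*)\]\s*$"
)
META_RE = re.compile(r"^(\d{4}-\d{2}-\d{2})\s+(\d+)$")

DRIVER_DIR = "c:\\windows\\system32\\drivers\\"   # expected home of .sys images
USER_WRITABLE = ("\\appdata\\", "\\temp\\")        # locations any user can write to


@dataclass
class Entry:
    state: str
    start: str
    name: str
    display: str
    path: str
    file_date: Optional[str]
    size: Optional[int]
    flags: List[str] = field(default_factory=list)


def parse_entry(line: str) -> Optional[Entry]:
    """Parse one driver/service line; return None for headers and blank lines."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    meta = META_RE.match(m["meta"].strip())
    path = m["path"]
    if path.startswith("\\??\\"):          # NT object-manager prefix
        path = path[4:]
    return Entry(
        state=STATE[m["state"]],
        start=START[m["start"]],
        name=m["name"].strip(),
        display=m["display"].strip(),
        path=path,
        file_date=meta[1] if meta else None,
        size=int(meta[2]) if meta else None,
    )


def triage(entry: Entry, expected_dir: str = DRIVER_DIR) -> List[str]:
    """Return review flags for an entry. A flag is a prompt to look, not a verdict."""
    flags = []
    low = entry.path.lower()
    if entry.file_date is None:
        # Assumption: "[]" means the tool found the registry entry but no file info.
        flags.append("no-file-info")
    if not low.startswith(expected_dir):
        flags.append("outside-driver-dir")
    if any(part in low for part in USER_WRITABLE):
        flags.append("user-writable-path")
    return flags


def review(log_text: str) -> List[Entry]:
    """Parse a whole section and return only the entries that carry flags."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry is None:
            continue
        entry.flags = triage(entry)
        if entry.flags:
            findings.append(entry)
    return findings


# Lines copied from the log above, plus one constructed line (the last one).
SAMPLE = r"""
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-16 828912]
R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2010/07/10 00:49:12]; \??\C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl [2010-01-07 146928]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2010-07-07 50696]
S0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys []
S3 ao6gf9mw;ao6gf9mw; C:\Windows\system32\drivers\ao6gf9mw.sys []
R2 exdrv;exdrv; C:\Users\Example\AppData\Local\Temp\exdrv.sys [2010-09-21 12345]
"""

if __name__ == "__main__":
    for e in review(SAMPLE):
        print(f"{e.state:8} {e.start:8} {e.name:40} {', '.join(e.flags)}  {e.path}")
```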

Venca B.
Visitor
Posts: 257
Registered: 04 Dec 2005 00:30

Re: log check after deleting a trojan

#2 Post by Venca B. »

+ Avast also found C:\Users\Venda\AppData\Local\Temp\Dkx.exe
I had it deleted,
but that dkx still wants to connect to a dll - the Comodo firewall reports it.
Thank you for your help.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: log check after deleting a trojan

#3 Post by motji »

Good evening :)

:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM sometimes produces false detections, so we will delete only after the log has been checked.
- Copy the log here.

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- Save it to the desktop and run the file OTL.exe.
- Copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- Tick the "All Users" box.
- Tick the "LOP Check" and "Purity Check" boxes.
- Click the "Run Scan" button.
- When the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting a computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

Venca B.
Visitor
Posts: 257
Registered: 04 Dec 2005 00:30

Re: log check after deleting a trojan

#4 Post by Venca B. »

OTL Extras logfile created on: 21.9.2010 18:11:34 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Venda\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 29,20 Gb Total Space | 5,25 Gb Free Space | 17,99% Space Free | Partition Type: NTFS
Drive D: | 436,46 Gb Total Space | 99,79 Gb Free Space | 22,86% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VENDA-PC
Current User Name: Venda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1270551171-3976107745-765880178-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\programy\systemove_programy\mozilla_firefox\prog_mozilafirefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\programy\Microsoft_Office_Enterprise2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\programy\Microsoft_Office_Enterprise2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "D:\programy\video_programy\vlc\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\programy\video_programy\vlc\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\programy\Microsoft_Office_Enterprise2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\programy\Microsoft_Office_Enterprise2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\programy\video_programy\vlc\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\programy\video_programy\vlc\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{FA300000-0001-6400-0000-074957833700}" = ABBYY PDF Transformer 3.0
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 4.5)
"EEEE705096F837B7907659F100C9FE6DA001970F" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.7)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"SynTPDeinstKey" = Dell Touchpad

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.04
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{354038F6-0A35-4C55-A80B-F86C4C1A6D38}" = C3100
"{377B2121-65F6-4C5F-998F-5284DEF41F3E}" = COMODO livePCsupport
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution
"{45E7C481-3EF4-4FCB-AF0B-19F70D618F0C}" = Worms 4 Mayhem
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{75AE638F-750A-11DF-96D5-005056806466}" = Google Earth Plug-in
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISER_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISER_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISER_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISER_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISER_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite
"{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"ABBYY PDF Transformer 3.0" = ABBYY PDF Transformer 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"Dell Webcam Central" = Dell Webcam Central
"DMX5_is1" = DriverMax 5
"ENTERPRISER" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"gBurner" = gBurner
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"Magic Audio Editor Pro_is1" = Magic Audio Editor Pro v7.4.0.11
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"MP4 to MP3 Converter 3" = MP4 to MP3 Converter 3
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"PC Translator" = PC Translator
"Spyware Terminator_is1" = Spyware Terminator
"StrongDC++" = StrongDC++ 2.41
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"XnView_is1" = XnView 1.97.4

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1270551171-3976107745-765880178-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 1.7.2010 16:19:07 | Computer Name = Venda-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://download.microsoft.com/download/ ... .themepack
failed, 00000026.

[ Application Events ]
Error - 20.9.2010 6:09:03 | Computer Name = Venda-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro d:\programy\systemove_programy\drivermax\prog_drivermax\DPInst\ia64\dpinst.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 20.9.2010 6:09:41 | Computer Name = Venda-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro D:\programy\Nokia_program\Nokia PC
Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 20.9.2010 6:36:17 | Computer Name = Venda-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro d:\programy\systemove_programy\drivermax\prog_drivermax\DPInst\ia64\dpinst.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 20.9.2010 6:36:24 | Computer Name = Venda-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro D:\programy\Nokia_program\Nokia PC
Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 20.9.2010 16:05:58 | Computer Name = Venda-PC | Source = Application Hang | ID = 1002
Description = Program TOTALCMD.EXE verze 7.5.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
180 Čas spuštění: 01cb58fedbb8cbf3 Čas ukončení: 60000 Cesta k aplikaci: D:\programy\systemove_programy\totalcmd\prog_tcmd\TOTALCMD.EXE

ID
hlášení: 4dedf8a1-c4f2-11df-ba63-0026b900d528

Error - 20.9.2010 16:19:09 | Computer Name = Venda-PC | Source = Application Hang | ID = 1002
Description = Program TOTALCMD.EXE verze 7.5.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
fa0 Čas spuštění: 01cb5900c8eb54ff Čas ukončení: 60000 Cesta k aplikaci: D:\programy\systemove_programy\totalcmd\prog_tcmd\TOTALCMD.EXE

ID
hlášení: 23f41f8b-c4f4-11df-adbf-0026b900d528

Error - 21.9.2010 9:34:23 | Computer Name = Venda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Bonus.ScreenshotReader.exe, verze: 3.0.100.216,
časové razítko: 0x4a47e191 Název chybujícího modulu: Awl.dll, verze: 0.0.2.1422,
časové razítko: 0x4a0d642b Kód výjimky: 0xc0000005 Posun chyby: 0x0008e488 ID chybujícího
procesu: 0x13dc Čas spuštění chybující aplikace: 0x01cb5991b36e4a64 Cesta k chybující
aplikaci: D:\programy\PDF\program\Bonus.ScreenshotReader.exe Cesta k chybujícímu
modulu: D:\programy\PDF\program\Awl.dll ID zprávy: f1e0677b-c584-11df-ac31-0026b900d528

Error - 21.9.2010 9:34:43 | Computer Name = Venda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Transformer.exe, verze: 3.0.100.216, časové
razítko: 0x4a47dea5 Název chybujícího modulu: Awl.dll, verze: 0.0.2.1422, časové
razítko: 0x4a0d642b Kód výjimky: 0xc0000005 Posun chyby: 0x0008e3e4 ID chybujícího
procesu: 0xebc Čas spuštění chybující aplikace: 0x01cb5991be5d9ca6 Cesta k chybující
aplikaci: D:\programy\PDF\program\Transformer.exe Cesta k chybujícímu modulu: D:\programy\PDF\program\Awl.dll
ID
zprávy: fd7fdf91-c584-11df-ac31-0026b900d528

Error - 21.9.2010 9:35:49 | Computer Name = Venda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Transformer.exe, verze: 3.0.100.216, časové
razítko: 0x4a47dea5 Název chybujícího modulu: Awl.dll, verze: 0.0.2.1422, časové
razítko: 0x4a0d642b Kód výjimky: 0xc0000005 Posun chyby: 0x0008e3e4 ID chybujícího
procesu: 0xd20 Čas spuštění chybující aplikace: 0x01cb5991e72ab2d8 Cesta k chybující
aplikaci: D:\programy\PDF\program\Transformer.exe Cesta k chybujícímu modulu: D:\programy\PDF\program\Awl.dll
ID
zprávy: 24faf25d-c585-11df-ac31-0026b900d528

Error - 21.9.2010 9:35:55 | Computer Name = Venda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Transformer.exe, verze: 3.0.100.216, časové
razítko: 0x4a47dea5 Název chybujícího modulu: Awl.dll, verze: 0.0.2.1422, časové
razítko: 0x4a0d642b Kód výjimky: 0xc0000005 Posun chyby: 0x0008e3e4 ID chybujícího
procesu: 0xa44 Čas spuštění chybující aplikace: 0x01cb5991eabf24a2 Cesta k chybující
aplikaci: D:\programy\PDF\program\Transformer.exe Cesta k chybujícímu modulu: D:\programy\PDF\program\Awl.dll
ID
zprávy: 28811be5-c585-11df-ac31-0026b900d528

[ System Events ]
Error - 20.9.2010 16:17:36 | Computer Name = Venda-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 20.9.2010 16:17:42 | Computer Name = Venda-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 20.9.2010 16:17:51 | Computer Name = Venda-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 20.9.2010 16:20:52 | Computer Name = Venda-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 20.9.2010 16:42:19 | Computer Name = Venda-PC | Source = iaStor | ID = 262153
Description = Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error - 20.9.2010 17:07:42 | Computer Name = Venda-PC | Source = ACPI | ID = 327693
Description = : Integrovaný řadič neodpověděl během zadaného časového limitu. Může
to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS
přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače
nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit,
že počítač nebude pracovat správně.

Error - 20.9.2010 17:07:47 | Computer Name = Venda-PC | Source = ACPI | ID = 327693
Description = : Integrovaný řadič neodpověděl během zadaného časového limitu. Může
to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS
přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače
nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit,
že počítač nebude pracovat správně.

Error - 21.9.2010 4:41:07 | Computer Name = Venda-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sfsync02

Error - 21.9.2010 9:32:34 | Computer Name = Venda-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sfsync02

Error - 21.9.2010 10:44:37 | Computer Name = Venda-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sfsync02


< End of report >

Venca B.
Visitor
Posts: 257
Registered: 04 Dec 2005 00:30

Re: log check after trojan removal

#5 Post by Venca B. »

OTL logfile created on: 21.9.2010 18:11:34 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Venda\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 29,20 Gb Total Space | 5,25 Gb Free Space | 17,99% Space Free | Partition Type: NTFS
Drive D: | 436,46 Gb Total Space | 99,79 Gb Free Space | 22,86% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VENDA-PC
Current User Name: Venda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.09.21 18:10:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Venda\Desktop\OTL.exe
PRC - [2010.09.21 15:43:06 | 000,222,208 | ---- | M] (Alexander Roshal) -- C:\Users\Venda\AppData\Local\Temp\Dkx.exe
PRC - [2010.09.21 15:42:39 | 000,225,280 | ---- | M] (Alexander Roshal) -- C:\Users\Venda\AppData\Local\Temp\Dkw.exe
PRC - [2010.09.19 21:02:09 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\programy\systemove_programy\mozilla_firefox\prog_mozilafirefox\firefox.exe
PRC - [2010.07.20 11:45:24 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.04.29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- D:\programy\systemove_programy\MBAM\mbam.exe
PRC - [2010.02.12 20:23:32 | 000,148,744 | ---- | M] (COMODO) -- C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
PRC - [2010.01.12 22:02:46 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- D:\programy\audio_programy\Winamp\winampa.exe
PRC - [2010.01.07 17:11:28 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- D:\programy\systemove_programy\Avast\prog_Avast\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- D:\programy\systemove_programy\Avast\prog_Avast\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- D:\programy\systemove_programy\Avast\prog_Avast\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- D:\programy\systemove_programy\Avast\prog_Avast\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- D:\programy\systemove_programy\Avast\prog_Avast\aswUpdSv.exe
PRC - [2009.09.20 12:36:12 | 000,270,336 | ---- | M] (Hewlett-Packard Co.) -- D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqtra08.exe
PRC - [2009.09.20 12:15:26 | 000,116,280 | ---- | M] (Hewlett-Packard Co.) -- D:\programy\HP_ALL-in-one-series\Digital Imaging\smart web printing\hpswp_clipbook.exe
PRC - [2009.09.20 12:07:24 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqbam08.exe
PRC - [2009.09.20 12:07:24 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqste08.exe
PRC - [2009.09.09 08:50:00 | 003,514,112 | ---- | M] (Ghisler Software GmbH) -- D:\programy\systemove_programy\totalcmd\prog_tcmd\TOTALCMD.EXE
PRC - [2009.05.21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009.05.14 18:07:12 | 000,759,048 | ---- | M] (ABBYY) -- D:\programy\PDF\program\NetworkLicenseServer.exe
PRC - [2007.05.08 16:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard) -- D:\programy\HP_ALL-in-one-series\HP Software Update\hpwuSchd2.exe


========== Modules (SafeList) ==========

MOD - [2010.09.21 18:10:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Venda\Desktop\OTL.exe
MOD - [2010.06.03 13:02:37 | 000,278,288 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll
MOD - [2009.07.14 03:15:21 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fltLib.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.08.03 20:51:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.02.26 02:03:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.03.03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe -- (AESTFilters)
SRV - [2010.09.21 16:02:48 | 001,033,255 | ---- | M] (Xacti LLC) [Auto | Running] -- D:\programy\systemove_programy\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.06.03 12:59:37 | 002,348,600 | ---- | M] (COMODO) [Auto | Running] -- D:\programy\systemove_programy\firewall\Comodo\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.02.12 20:23:32 | 000,148,744 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe -- (CLPSLS)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\programy\systemove_programy\Avast\prog_Avast\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\programy\systemove_programy\Avast\prog_Avast\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\programy\systemove_programy\Avast\prog_Avast\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\programy\systemove_programy\Avast\prog_Avast\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.09.20 12:24:02 | 000,249,344 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009.09.20 12:24:02 | 000,133,120 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2009.09.20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.05.14 18:07:12 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- D:\programy\PDF\program\NetworkLicenseServer.exe -- (ABBYY.Licensing.PDFTransformer.Classic.3.0)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV:64bit: - [2010.08.16 22:26:16 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.08.03 21:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.08.03 21:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.08.03 20:15:44 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.07.15 15:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.07.07 11:26:46 | 000,050,696 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2010.06.08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.06.01 06:58:50 | 007,533,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Ovladač adaptéru řady Intel(R)
DRV:64bit: - [2010.05.06 05:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.04.08 09:42:32 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Ovladač adaptéru řady Intel(R)
DRV:64bit: - [2010.03.15 14:35:24 | 000,384,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2010.02.26 14:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2010.02.26 14:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.02.26 14:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010.02.26 14:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2010.02.26 14:21:22 | 000,173,056 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2010.02.26 14:21:20 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2010.02.26 02:03:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.11.25 01:50:05 | 000,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2009.11.25 01:49:56 | 000,065,616 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2009.08.24 11:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.07.14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.06.25 18:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009.06.25 17:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009.06.25 16:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.10.28 11:48:20 | 000,160,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2005.04.04 12:45:03 | 000,065,536 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2005.02.23 18:00:19 | 000,007,168 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2010.01.07 17:11:30 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/07/10 00:49:12] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1270551171-3976107745-765880178-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 C7 24 31 EC 33 CB 01 [binary data]
IE - HKU\S-1-5-21-1270551171-3976107745-765880178-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {43c35458-c907-439b-bcfd-07d373834689}:2.2.1
FF - prefs.js..extensions.enabledItems: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: D:\programy\Nokia_program\Nokia PC Suite 7\bkmrksync\ [2010.07.26 02:01:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: D:\programy\HP_ALL-in-one-series\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.08.30 13:53:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.09 13:38:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: D:\programy\systemove_programy\mozilla_firefox\prog_mozilafirefox\components [2010.09.19 21:02:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: D:\programy\systemove_programy\mozilla_firefox\prog_mozilafirefox\plugins [2010.09.19 21:02:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.09 13:38:13 | 000,000,000 | ---D | M]

[2010.03.13 18:43:32 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Mozilla\Extensions
[2010.09.20 23:26:49 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions
[2010.09.20 23:26:46 | 000,000,000 | ---D | M] (WebTran) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2010.03.15 17:01:46 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2010.03.17 18:10:03 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010.09.15 18:21:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{43c35458-c907-439b-bcfd-07d373834689}
[2010.08.18 21:27:46 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.08.27 14:54:30 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.08.05 16:02:49 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.09.15 18:22:11 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\smarterwiki@wikiatic.com

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - D:\programy\HP_ALL-in-one-series\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\programy\HP_ALL-in-one-series\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O3 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4:64bit: - HKLM..\Run: [COMODO Internet Security] D:\programy\systemove_programy\firewall\Comodo\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\programy\AdobeReader\prog_AdobeReader\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] D:\programy\systemove_programy\Avast\prog_Avast\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Dell Webcam Central] D:\programy\DELL\DellWebcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [HP Software Update] D:\programy\HP_ALL-in-one-series\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [OM_Monitor] D:\programy\OLYMPUS\OlympusMaster\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] D:\programy\QuickTime\prog_QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [WinampAgent] D:\programy\audio_programy\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [ABBYY Screenshot Reader Bonus] File not found
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [ASH24SXZ9S] C:\Users\Venda\AppData\Local\Temp\Dkx.exe (Alexander Roshal)
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [DriverMax_RESTART] D:\programy\systemove_programy\DriverMax\prog_DriverMax\devices.exe (Innovative Solutions)
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [OM_Monitor] D:\programy\OLYMPUS\OlympusMaster\Monitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [SpywareTerminatorUpdate] D:\programy\systemove_programy\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [WEBTRAN] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\programy\Microsoft_Office_Enterprise2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\programy\Microsoft_Office_Enterprise2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\programy\ICQ\prog_ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\programy\ICQ\prog_ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\programy\Microsoft_Office_Enterprise2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra Button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\programy\HP_ALL-in-one-series\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (Reg Error: Key error.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.euro.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.euro.dell.com/systemprof ... emLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.168.176.3
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{62adf223-9829-11df-9be1-0026b900d528}\Shell - "" = AutoRun
O33 - MountPoints2\{62adf223-9829-11df-9be1-0026b900d528}\Shell\AutoRun\command - "" = G:\NokiaPCIA_Autorun.exe -- File not found
O33 - MountPoints2\{65ec5d24-2fa3-11df-9b9b-0026b900d528}\Shell - "" = AutoRun
O33 - MountPoints2\{65ec5d24-2fa3-11df-9b9b-0026b900d528}\Shell\AutoRun\command - "" = G:\SETUP.EXE -- File not found
O33 - MountPoints2\{a9cb926a-3421-11df-b305-0026b900d528}\Shell - "" = AutoRun
O33 - MountPoints2\{a9cb926a-3421-11df-b305-0026b900d528}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)

Venca B.
Visitor
Posts: 257
Registered: 04 Dec 2005 00:30

Re: log check after removing trojans

#6 Post by Venca B. »

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010.09.21 18:10:03 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Venda\Desktop\OTL.exe
[2010.09.21 17:10:29 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.21 16:02:48 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Roaming\Spyware Terminator
[2010.09.21 16:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2010.09.20 23:22:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Venda
[2010.09.20 23:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\LangSoft
[2010.09.20 23:16:28 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Roaming\LangSoft
[2010.09.15 20:57:32 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010.09.15 18:50:09 | 000,000,000 | ---D | C] -- C:\Temp
[2010.09.15 18:36:12 | 000,000,000 | ---D | C] -- C:\Users\Venda\Desktop\Nová složka
[2010.09.14 12:17:56 | 000,000,000 | ---D | C] -- C:\Users\Venda\Documents\Remote Assistance Logs
[2010.09.10 23:39:17 | 000,000,000 | ---D | C] -- C:\Users\Venda\Documents\NFS Most Wanted
[2010.09.10 22:36:52 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010.09.10 22:36:52 | 000,030,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2010.09.10 22:36:51 | 003,077,120 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2010.09.10 22:36:50 | 015,845,888 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2010.09.10 22:36:50 | 005,167,104 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2010.09.10 22:36:50 | 000,421,376 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010.09.10 22:36:50 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010.09.10 22:36:50 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010.09.10 22:36:50 | 000,036,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2010.09.10 22:36:48 | 020,817,408 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2010.09.10 22:36:46 | 007,451,648 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2010.09.10 22:36:46 | 000,268,288 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2010.09.10 22:36:46 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2010.09.10 22:36:46 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2010.09.10 22:36:46 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2010.09.10 22:36:46 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2010.09.10 22:36:46 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010.09.10 22:36:45 | 000,018,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2010.09.10 22:36:45 | 000,016,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2010.09.10 22:36:45 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2010.09.10 22:36:45 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2010.09.10 22:36:45 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2010.09.10 22:36:44 | 003,899,392 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2010.09.10 22:36:44 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010.09.10 22:36:43 | 005,394,432 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2010.09.10 22:36:43 | 000,450,560 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2010.09.10 22:36:43 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2010.09.10 22:36:43 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2010.09.10 22:36:42 | 004,341,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2010.09.10 22:36:42 | 000,241,664 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2010.09.10 22:36:42 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2010.09.10 22:36:42 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2010.09.10 22:36:42 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2010.09.10 22:36:42 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2010.09.10 22:36:42 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010.09.10 02:28:44 | 002,347,008 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\LWCtPl.dll
[2010.09.10 02:28:41 | 000,356,352 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\WMWizard.dll
[2010.09.10 02:28:41 | 000,163,840 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysWow64\WmJoyFrc.dll
[2010.09.10 02:28:41 | 000,086,016 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\W9xDAPI.dll
[2010.09.10 02:28:41 | 000,061,440 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\W9XdInst.dll
[2010.09.10 02:28:41 | 000,033,216 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysWow64\LFLoad.sys
[2010.09.10 02:28:41 | 000,027,388 | ---- | C] (Immersion Corporation) -- C:\Windows\SysWow64\drivers\ihidfilt.sys
[2010.09.10 02:28:41 | 000,017,280 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\drivers\LHidHi.sys
[2010.09.10 02:28:41 | 000,013,408 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysWow64\drivers\LHidLo.sys
[2010.09.10 02:28:41 | 000,010,432 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysWow64\drivers\LUsbSys.sys
[2010.09.10 02:28:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Logitech
[2010.09.09 21:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.09.09 21:13:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.09.09 21:09:53 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Local\2K Games
[2010.09.09 13:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2010.09.05 10:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2010.08.31 11:43:40 | 004,021,760 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2010.08.31 11:43:40 | 003,324,416 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2010.08.31 11:43:32 | 000,519,680 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2010.08.31 11:30:17 | 000,116,240 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtihdW76.sys
[2010.08.30 13:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2010.08.30 13:58:31 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Roaming\HP
[2010.08.30 13:56:01 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Local\HP
[2010.08.30 13:52:24 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010.08.30 13:52:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2010.08.30 13:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2010.08.30 13:51:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2010.08.30 13:50:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2010.08.30 13:50:17 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2010.08.30 13:33:48 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2010.08.30 12:57:03 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Roaming\OLYMPUS
[2010.08.30 12:56:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2010.08.30 12:55:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2010.08.30 12:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010.08.26 23:05:38 | 000,000,000 | ---D | C] -- C:\Users\Venda\Documents\BIMBO
[2010.08.24 19:33:26 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[1 C:\Users\Venda\AppData\Local\*.tmp files -> C:\Users\Venda\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.09.21 18:17:12 | 002,621,440 | -HS- | M] () -- C:\Users\Venda\ntuser.dat
[2010.09.21 18:10:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Venda\Desktop\OTL.exe
[2010.09.21 17:47:45 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.21 17:47:45 | 000,622,660 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.09.21 17:47:45 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.21 17:47:45 | 000,118,810 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.09.21 17:47:45 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.21 17:38:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.21 17:30:59 | 000,000,286 | -H-- | M] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.09.21 17:30:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.21 17:01:44 | 000,003,193 | ---- | M] () -- C:\Users\Venda\wincmd.ini
[2010.09.21 16:52:35 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.21 16:52:35 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.21 16:44:30 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.21 16:44:22 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.21 16:44:12 | 3193,581,568 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.21 16:42:55 | 007,056,478 | -H-- | M] () -- C:\Users\Venda\AppData\Local\IconCache.db
[2010.09.21 16:03:06 | 000,000,903 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.09.20 23:29:13 | 000,000,833 | ---- | M] () -- C:\Users\Venda\Desktop\BAKALÁŘSKÁ_PRÁCE – zástupce.lnk
[2010.09.20 23:26:05 | 000,002,686 | ---- | M] () -- C:\Windows\TRNCOM.INI
[2010.09.20 23:25:27 | 000,000,814 | ---- | M] () -- C:\Users\Venda\Desktop\Slovník.lnk
[2010.09.20 23:25:27 | 000,000,814 | ---- | M] () -- C:\Users\Venda\Desktop\PC Translator 2009.lnk
[2010.09.20 23:25:27 | 000,000,814 | ---- | M] () -- C:\Users\Venda\Desktop\DicMan.lnk
[2010.09.15 18:35:22 | 002,655,607 | ---- | M] () -- C:\Users\Venda\Desktop\389751007271_31479.mp4
[2010.09.12 21:59:04 | 000,000,801 | ---- | M] () -- C:\Users\Venda\Desktop\launcher – zástupce.lnk
[2010.09.10 23:36:58 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2010.09.09 13:39:57 | 000,002,069 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.09.05 19:41:34 | 000,000,919 | ---- | M] () -- C:\Users\Venda\Desktop\Age of Empires III.lnk
[2010.09.05 10:39:34 | 000,000,651 | ---- | M] () -- C:\Users\Public\Desktop\gBurner.lnk
[2010.09.02 21:42:34 | 000,000,000 | -H-- | M] () -- C:\Users\Venda\Documents\Default.rdp
[2010.08.31 11:57:25 | 000,524,288 | -HS- | M] () -- C:\Users\Venda\ntuser.dat{2bbfdf33-b4e1-11df-b7b3-0026b900d528}.TMContainer00000000000000000002.regtrans-ms
[2010.08.31 11:57:25 | 000,524,288 | -HS- | M] () -- C:\Users\Venda\ntuser.dat{2bbfdf33-b4e1-11df-b7b3-0026b900d528}.TMContainer00000000000000000001.regtrans-ms
[2010.08.31 11:57:25 | 000,065,536 | -HS- | M] () -- C:\Users\Venda\ntuser.dat{2bbfdf33-b4e1-11df-b7b3-0026b900d528}.TM.blf
[2010.08.31 07:19:12 | 002,441,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010.08.30 22:31:55 | 000,342,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.30 13:58:21 | 000,223,791 | ---- | M] () -- C:\Windows\hpoins18.dat
[2010.08.30 13:56:09 | 000,000,438 | ---- | M] () -- C:\Windows\win.ini
[2010.08.30 13:56:02 | 000,084,520 | ---- | M] () -- C:\Users\Venda\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.30 13:52:49 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2010.08.30 13:52:22 | 000,001,061 | ---- | M] () -- C:\Users\Public\Desktop\Centrum řešení HP.lnk
[2010.08.30 13:52:05 | 000,001,863 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010.08.30 12:56:29 | 000,000,744 | ---- | M] () -- C:\Users\Public\Desktop\OLYMPUS Master.lnk
[2010.08.26 23:18:26 | 000,001,747 | ---- | M] () -- C:\Users\Venda\Desktop\Bimbuška.lnk
[1 C:\Users\Venda\AppData\Local\*.tmp files -> C:\Users\Venda\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.09.21 16:03:06 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.09.21 15:42:46 | 000,000,286 | -H-- | C] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.09.20 23:29:13 | 000,000,833 | ---- | C] () -- C:\Users\Venda\Desktop\BAKALÁŘSKÁ_PRÁCE – zástupce.lnk
[2010.09.20 23:26:05 | 000,002,686 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2010.09.20 23:25:27 | 000,000,814 | ---- | C] () -- C:\Users\Venda\Desktop\Slovník.lnk
[2010.09.20 23:25:27 | 000,000,814 | ---- | C] () -- C:\Users\Venda\Desktop\PC Translator 2009.lnk
[2010.09.20 23:25:27 | 000,000,814 | ---- | C] () -- C:\Users\Venda\Desktop\DicMan.lnk
[2010.09.15 18:35:21 | 002,655,607 | ---- | C] () -- C:\Users\Venda\Desktop\389751007271_31479.mp4
[2010.09.12 21:59:04 | 000,000,801 | ---- | C] () -- C:\Users\Venda\Desktop\launcher – zástupce.lnk
[2010.09.10 23:51:34 | 001,155,109 | ---- | C] () -- C:\Users\Venda\Desktop\NfSMWcz.exe
[2010.09.10 23:38:09 | 000,167,936 | ---- | C] () -- C:\Users\Venda\Desktop\sd4hide.exe
[2010.09.10 23:36:58 | 000,000,771 | ---- | C] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2010.09.10 22:36:52 | 000,523,968 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2010.09.10 22:36:51 | 000,523,968 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2010.09.10 22:36:48 | 000,022,053 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.09.10 22:36:45 | 000,219,348 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2010.09.10 22:36:42 | 000,071,096 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2010.09.10 02:28:41 | 000,040,519 | ---- | C] () -- C:\Windows\SysWow64\LXLCore.VxD
[2010.09.10 02:28:41 | 000,034,272 | ---- | C] () -- C:\Windows\SysWow64\Ljoy.VxD
[2010.09.10 02:28:41 | 000,022,659 | ---- | C] () -- C:\Windows\SysWow64\Lserial.VxD
[2010.09.10 02:28:41 | 000,019,620 | ---- | C] () -- C:\Windows\SysWow64\LJoyFrc.vxd
[2010.09.10 02:28:41 | 000,016,680 | ---- | C] () -- C:\Windows\SysWow64\LDigital.VxD
[2010.09.10 02:28:41 | 000,011,428 | ---- | C] () -- C:\Windows\SysWow64\LUsbVxd.vxd
[2010.09.10 02:28:41 | 000,009,196 | ---- | C] () -- C:\Windows\SysWow64\LJoyV.VxD
[2010.09.10 02:28:41 | 000,006,243 | ---- | C] () -- C:\Windows\SysWow64\LAnalog.VxD
[2010.09.09 13:39:57 | 000,002,069 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.09.05 19:41:34 | 000,000,919 | ---- | C] () -- C:\Users\Venda\Desktop\Age of Empires III.lnk
[2010.09.05 10:39:34 | 000,000,651 | ---- | C] () -- C:\Users\Public\Desktop\gBurner.lnk
[2010.09.02 21:42:34 | 000,000,000 | -H-- | C] () -- C:\Users\Venda\Documents\Default.rdp
[2010.08.31 11:43:38 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.08.31 11:43:38 | 000,002,857 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2010.08.31 11:23:12 | 000,524,288 | -HS- | C] () -- C:\Users\Venda\ntuser.dat{2bbfdf33-b4e1-11df-b7b3-0026b900d528}.TMContainer00000000000000000002.regtrans-ms
[2010.08.31 11:23:12 | 000,524,288 | -HS- | C] () -- C:\Users\Venda\ntuser.dat{2bbfdf33-b4e1-11df-b7b3-0026b900d528}.TMContainer00000000000000000001.regtrans-ms
[2010.08.31 11:23:12 | 000,065,536 | -HS- | C] () -- C:\Users\Venda\ntuser.dat{2bbfdf33-b4e1-11df-b7b3-0026b900d528}.TM.blf
[2010.08.30 13:52:49 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2010.08.30 13:52:21 | 000,001,061 | ---- | C] () -- C:\Users\Public\Desktop\Centrum řešení HP.lnk
[2010.08.30 13:52:05 | 000,001,863 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010.08.30 13:34:23 | 000,223,791 | ---- | C] () -- C:\Windows\hpoins18.dat
[2010.08.30 13:34:23 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2010.08.30 12:56:29 | 000,000,744 | ---- | C] () -- C:\Users\Public\Desktop\OLYMPUS Master.lnk
[2010.08.30 12:23:04 | 000,001,819 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010.08.26 23:18:26 | 000,001,747 | ---- | C] () -- C:\Users\Venda\Desktop\Bimbuška.lnk
[2010.08.16 11:53:26 | 000,000,017 | ---- | C] () -- C:\Users\Venda\AppData\Local\resmon.resmoncfg
[2010.07.27 16:12:13 | 000,008,192 | ---- | C] () -- C:\Users\Venda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.01 16:36:46 | 000,106,500 | RHS- | C] () -- C:\Users\Venda\AppData\Local\Isass.exe
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[1998.01.16 21:38:02 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\EasyRegistry.dll

========== LOP Check ==========

[2010.03.17 21:12:25 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\DAEMON Tools Lite
[2010.09.21 16:42:52 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\ICQ
[2010.09.21 15:19:50 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\LangSoft
[2010.06.01 13:03:59 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Leadertech
[2010.08.14 21:49:58 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Nokia
[2010.07.27 16:12:57 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Nokia Ovi Suite
[2010.08.30 12:57:03 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\OLYMPUS
[2010.07.26 02:06:49 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\PC Suite
[2010.09.21 16:12:57 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Spyware Terminator
[2010.09.21 17:53:47 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\uTorrent
[2010.05.04 16:20:39 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\XnView
[2010.09.06 17:12:44 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.09.21 17:30:59 | 000,000,286 | -H-- | M] () -- C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DriverMax_RESTART" = "D:\programy\systemove_programy\DriverMax\prog_DriverMax\devices.exe" -RESTART -- [2010.03.07 20:55:06 | 009,220,000 | ---- | M] (Innovative Solutions)
"ABBYY Screenshot Reader Bonus" =
"OM_Monitor" = D:\programy\OLYMPUS\OlympusMaster\Monitor.exe -NoStart -- [2006.05.16 17:51:00 | 000,057,344 | ---- | M] (OLYMPUS IMAGING CORP.)
"" =
"OEXPRESS" =
"WEBTRAN" =
"ASH24SXZ9S" = C:\Users\Venda\AppData\Local\Temp\Dkx.exe -- [2010.09.21 15:43:06 | 000,222,208 | ---- | M] (Alexander Roshal)
"SpywareTerminatorUpdate" = "D:\programy\systemove_programy\Spyware Terminator\SpywareTerminatorUpdate.exe" -- [2010.09.21 16:02:49 | 003,037,696 | ---- | M] (Crawler.com)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.03.15 00:02:28 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Adobe
[2010.05.28 16:21:11 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Apple Computer
[2010.04.15 13:37:06 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Creative
[2010.03.14 23:47:54 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\CyberLink
[2010.03.17 21:12:25 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\DAEMON Tools Lite
[2010.09.06 00:58:36 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\dvdcss
[2010.08.30 14:12:32 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\HP
[2010.09.21 16:42:52 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\ICQ
[2010.03.12 23:08:37 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Identities
[2010.03.14 23:40:27 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\InstallShield
[2010.09.21 15:19:50 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\LangSoft
[2010.06.01 13:03:59 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Leadertech
[2010.03.13 19:35:24 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Macromedia
[2010.06.04 21:32:56 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Media Center Programs
[2010.06.24 20:45:26 | 000,000,000 | --SD | M] -- C:\Users\Venda\AppData\Roaming\Microsoft
[2010.03.13 18:43:32 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Mozilla
[2010.08.14 21:49:58 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Nokia
[2010.07.27 16:12:57 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Nokia Ovi Suite
[2010.08.30 12:57:03 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\OLYMPUS
[2010.07.26 02:06:49 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\PC Suite
[2010.09.21 16:12:57 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Spyware Terminator
[2010.09.21 17:53:47 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\uTorrent
[2010.09.18 00:14:01 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\vlc
[2010.07.27 17:35:40 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Winamp
[2010.03.14 21:42:24 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\WinRAR
[2010.05.04 16:20:39 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\XnView

< %APPDATA%\*.exe /s >
[2010.03.14 23:53:16 | 000,010,134 | R--- | M] () -- C:\Users\Venda\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\ARPPRODUCTICON.exe
[2010.03.14 23:53:16 | 000,045,056 | R--- | M] (Macrovision Corporation) -- C:\Users\Venda\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe


< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTOR.SYS >
[2010.06.08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_b2da0d5f1235b4d6\iaStor.sys
[2010.03.03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys
[2009.08.07 06:24:14 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4e5c180df4db988c\iaStor.sys
< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
< End of report >

#7 Post by Venca B. »

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4532

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

21.9.2010 18:57:09
mbam-log-2010-09-21 (18-57-09).txt

Typ skenu: Úplný sken (C:\|D:\|E:\|G:\|)
Skenované objekty: 288049
Uplynulý čas: 46 minuta(y), 8 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 3
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

#8 Post by motji »

:arrow: Do you know this file:
C:\Users\Venda\Desktop\Bimbuška.lnk

Delete everything in MBAM.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly available at night, between 9 and 11 p.m.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

#9 Post by Venca B. »

Yes, I know it.
It only contains photos...
deleted
restart

#10 Post by Venca B. »

If that is everything, thank you.

#11 Post by motji »

It isn't; we'll still fine-tune a few small things :)

:arrow: Run OTL
- copy this script into the white box at the bottom:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - [2010.09.21 15:43:06 | 000,222,208 | ---- | M] (Alexander Roshal) -- C:\Users\Venda\AppData\Local\Temp\Dkx.exe
PRC - [2010.09.21 15:42:39 | 000,225,280 | ---- | M] (Alexander Roshal) -- C:\Users\Venda\AppData\Local\Temp\Dkw.exe
O33 - MountPoints2\{a9cb926a-3421-11df-b305-0026b900d528}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [WEBTRAN] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [ABBYY Screenshot Reader Bonus] File not found
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [ASH24SXZ9S] C:\Users\Venda\AppData\Local\Temp\Dkx.exe (Alexander Roshal)
O3 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Users\Venda\AppData\Local\Isass.exe

:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]

- click the Fix button.
- The PC will then restart.
- Post the log here :)


:arrow: Do you know this folder?
C:\Users\Venda\Desktop\Nová složka


:arrow: Do you use this program, and does it work for you?
d:\programy\systemove_programy\drivermax\prog_drivermax\DPInst\ia64\dpinst.exe

#12 Post by Venca B. »

Avast found some virus in C:\OTL\movedfiles, so I deleted it with Avast
restart
Nová složka - I know it
I don't open dpinst.exe directly, but I use the DriverMax program, which installed it there, to update drivers, and it works flawlessly.
Otherwise, when I try to run this icon d:\programy\systemove_programy\drivermax\prog_drivermax\DPInst\ia64\dpinst.exe

- an error occurred while executing the program.

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named Dkx.exe was found!
No active process named Dkw.exe was found!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9cb926a-3421-11df-b305-0026b900d528}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a9cb926a-3421-11df-b305-0026b900d528}\ not found.
File F:\Autorun.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1270551171-3976107745-765880178-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WEBTRAN deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1270551171-3976107745-765880178-1000\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1270551171-3976107745-765880178-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1270551171-3976107745-765880178-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ABBYY Screenshot Reader Bonus deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1270551171-3976107745-765880178-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ASH24SXZ9S not found.
File C:\Users\Venda\AppData\Local\Temp\Dkx.exe not found.
Registry value HKEY_USERS\S-1-5-21-1270551171-3976107745-765880178-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF335.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI34C.tmp moved successfully.
C:\WINDOWS\Installer\MSI63FA.tmp moved successfully.
C:\WINDOWS\Installer\MSI701C.tmp moved successfully.
C:\WINDOWS\Installer\MSI9DB1.tmp moved successfully.
C:\WINDOWS\Installer\MSI9EEA.tmp moved successfully.
C:\WINDOWS\Installer\MSIA062.tmp moved successfully.
C:\WINDOWS\Installer\MSIA0EF.tmp moved successfully.
C:\WINDOWS\Installer\MSID942.tmp moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
C:\Users\Venda\AppData\Local\Isass.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Venda
->Temp folder emptied: 3982356 bytes
->Temporary Internet Files folder emptied: 5460555 bytes
->Java cache emptied: 1193255 bytes
->FireFox cache emptied: 41125183 bytes
->Flash cache emptied: 3705 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 70911 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 50,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Venda
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.14.1 log created on 09212010_214240

Files\Folders moved on Reboot...
C:\Users\Venda\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Venda\AppData\Local\Mozilla\Firefox\Profiles\er4gj12s.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Venda\AppData\Local\Mozilla\Firefox\Profiles\er4gj12s.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Venda\AppData\Local\Mozilla\Firefox\Profiles\er4gj12s.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Venda\AppData\Local\Mozilla\Firefox\Profiles\er4gj12s.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Venda\AppData\Local\Mozilla\Firefox\Profiles\er4gj12s.default\urlclassifier3.sqlite moved successfully.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#13 Post by motji »

How does the computer look now?
Please post a new OTL log, without the script.

#14 Post by Venca B. »

Now nothing is reporting anything anywhere.
Thank you


OTL logfile created on: 21.9.2010 22:14:14 - Run 2
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Venda\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 69,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 29,20 Gb Total Space | 5,10 Gb Free Space | 17,46% Space Free | Partition Type: NTFS
Drive D: | 436,46 Gb Total Space | 99,78 Gb Free Space | 22,86% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VENDA-PC
Current User Name: Venda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.09.21 18:10:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Venda\Desktop\OTL.exe
PRC - [2010.09.20 23:24:36 | 003,137,536 | ---- | M] () -- D:\programy\PC Translator 2009\program\WDICT32.EXE
PRC - [2010.09.19 21:02:09 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\programy\systemove_programy\mozilla_firefox\prog_mozilafirefox\firefox.exe
PRC - [2010.07.11 00:54:32 | 000,408,936 | ---- | M] (Microsoft Corporation) -- D:\programy\Microsoft_Office_Enterprise2007\Office12\WINWORD.EXE
PRC - [2010.06.20 04:06:46 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) -- D:\programy\AdobeReader\prog_AdobeReader\Reader\AcroRd32.exe
PRC - [2010.02.12 20:23:32 | 000,148,744 | ---- | M] (COMODO) -- C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
PRC - [2010.01.07 17:11:28 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- D:\programy\systemove_programy\Avast\prog_Avast\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- D:\programy\systemove_programy\Avast\prog_Avast\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- D:\programy\systemove_programy\Avast\prog_Avast\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- D:\programy\systemove_programy\Avast\prog_Avast\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- D:\programy\systemove_programy\Avast\prog_Avast\aswUpdSv.exe
PRC - [2009.09.20 12:15:26 | 000,116,280 | ---- | M] (Hewlett-Packard Co.) -- D:\programy\HP_ALL-in-one-series\Digital Imaging\smart web printing\hpswp_clipbook.exe
PRC - [2009.05.14 18:07:12 | 000,759,048 | ---- | M] (ABBYY) -- D:\programy\PDF\program\NetworkLicenseServer.exe
PRC - [2008.07.22 18:33:36 | 000,150,528 | ---- | M] (Hewlett-Packard) -- D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\HpqSRmon.exe


========== Modules (SafeList) ==========

MOD - [2010.09.21 18:10:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Venda\Desktop\OTL.exe
MOD - [2010.06.03 13:02:37 | 000,278,288 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll
MOD - [2009.07.14 03:15:21 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fltLib.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.08.03 20:51:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.02.26 02:03:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.03.03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe -- (AESTFilters)
SRV - [2010.09.21 16:02:48 | 001,033,255 | ---- | M] (Xacti LLC) [Auto | Running] -- D:\programy\systemove_programy\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.06.03 12:59:37 | 002,348,600 | ---- | M] (COMODO) [Auto | Running] -- D:\programy\systemove_programy\firewall\Comodo\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.02.12 20:23:32 | 000,148,744 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe -- (CLPSLS)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\programy\systemove_programy\Avast\prog_Avast\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\programy\systemove_programy\Avast\prog_Avast\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\programy\systemove_programy\Avast\prog_Avast\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\programy\systemove_programy\Avast\prog_Avast\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.09.20 12:24:02 | 000,249,344 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009.09.20 12:24:02 | 000,133,120 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2009.09.20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.05.14 18:07:12 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- D:\programy\PDF\program\NetworkLicenseServer.exe -- (ABBYY.Licensing.PDFTransformer.Classic.3.0)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV:64bit: - [2010.08.16 22:26:16 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.08.03 21:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.08.03 21:22:36 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.08.03 20:15:44 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.07.15 15:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.07.07 11:26:46 | 000,050,696 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2010.06.08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.06.01 06:58:50 | 007,533,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Ovladač adaptéru řady Intel(R)
DRV:64bit: - [2010.05.06 05:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.04.08 09:42:32 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Ovladač adaptéru řady Intel(R)
DRV:64bit: - [2010.03.15 14:35:24 | 000,384,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2010.02.26 14:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2010.02.26 14:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.02.26 14:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010.02.26 14:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2010.02.26 14:21:22 | 000,173,056 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2010.02.26 14:21:20 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2010.02.26 02:03:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.11.25 01:50:05 | 000,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2009.11.25 01:49:56 | 000,065,616 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2009.08.24 11:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.07.14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.06.25 18:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009.06.25 17:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009.06.25 16:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.10.28 11:48:20 | 000,160,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2005.04.04 12:45:03 | 000,065,536 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2005.02.23 18:00:19 | 000,007,168 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2010.01.07 17:11:30 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/07/10 00:49:12] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1270551171-3976107745-765880178-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 C7 24 31 EC 33 CB 01 [binary data]
IE - HKU\S-1-5-21-1270551171-3976107745-765880178-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {43c35458-c907-439b-bcfd-07d373834689}:2.2.1
FF - prefs.js..extensions.enabledItems: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: D:\programy\Nokia_program\Nokia PC Suite 7\bkmrksync\ [2010.07.26 02:01:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: D:\programy\HP_ALL-in-one-series\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.08.30 13:53:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.09 13:38:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: D:\programy\systemove_programy\mozilla_firefox\prog_mozilafirefox\components [2010.09.19 21:02:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: D:\programy\systemove_programy\mozilla_firefox\prog_mozilafirefox\plugins [2010.09.19 21:02:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.09 13:38:13 | 000,000,000 | ---D | M]

[2010.03.13 18:43:32 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Mozilla\Extensions
[2010.09.20 23:26:49 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions
[2010.09.20 23:26:46 | 000,000,000 | ---D | M] (WebTran) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2010.03.15 17:01:46 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2010.03.17 18:10:03 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010.09.15 18:21:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{43c35458-c907-439b-bcfd-07d373834689}
[2010.08.18 21:27:46 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.08.27 14:54:30 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.08.05 16:02:49 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.09.15 18:22:11 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Mozilla\Firefox\Profiles\er4gj12s.default\extensions\smarterwiki@wikiatic.com

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - D:\programy\HP_ALL-in-one-series\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\programy\HP_ALL-in-one-series\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O4:64bit: - HKLM..\Run: [COMODO Internet Security] D:\programy\systemove_programy\firewall\Comodo\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast!] D:\programy\systemove_programy\Avast\prog_Avast\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [hpqSRMon] D:\programy\HP_ALL-in-one-series\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [OM_Monitor] D:\programy\OLYMPUS\OlympusMaster\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [DriverMax_RESTART] D:\programy\systemove_programy\DriverMax\prog_DriverMax\devices.exe (Innovative Solutions)
O4 - HKU\S-1-5-21-1270551171-3976107745-765880178-1000..\Run: [OM_Monitor] D:\programy\OLYMPUS\OlympusMaster\Monitor.exe (OLYMPUS IMAGING CORP.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\programy\Microsoft_Office_Enterprise2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\programy\Microsoft_Office_Enterprise2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\programy\ICQ\prog_ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\programy\ICQ\prog_ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\programy\Microsoft_Office_Enterprise2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra Button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\programy\HP_ALL-in-one-series\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (Reg Error: Key error.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.euro.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.euro.dell.com/systemprof ... emLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.168.176.3
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{62adf223-9829-11df-9be1-0026b900d528}\Shell - "" = AutoRun
O33 - MountPoints2\{62adf223-9829-11df-9be1-0026b900d528}\Shell\AutoRun\command - "" = G:\NokiaPCIA_Autorun.exe -- File not found
O33 - MountPoints2\{65ec5d24-2fa3-11df-9b9b-0026b900d528}\Shell - "" = AutoRun
O33 - MountPoints2\{65ec5d24-2fa3-11df-9b9b-0026b900d528}\Shell\AutoRun\command - "" = G:\SETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.09.21 21:42:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.09.21 19:25:30 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.09.21 18:10:03 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Venda\Desktop\OTL.exe
[2010.09.21 17:10:29 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.21 16:02:48 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Roaming\Spyware Terminator
[2010.09.21 16:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2010.09.20 23:22:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Venda
[2010.09.20 23:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\LangSoft
[2010.09.20 23:16:28 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Roaming\LangSoft
[2010.09.15 20:57:32 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010.09.15 18:50:09 | 000,000,000 | ---D | C] -- C:\Temp
[2010.09.15 18:36:12 | 000,000,000 | ---D | C] -- C:\Users\Venda\Desktop\Nová složka
[2010.09.14 12:17:56 | 000,000,000 | ---D | C] -- C:\Users\Venda\Documents\Remote Assistance Logs
[2010.09.10 23:39:17 | 000,000,000 | ---D | C] -- C:\Users\Venda\Documents\NFS Most Wanted
[2010.09.10 22:36:52 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010.09.10 22:36:52 | 000,030,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2010.09.10 22:36:51 | 003,077,120 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2010.09.10 22:36:50 | 015,845,888 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2010.09.10 22:36:50 | 005,167,104 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2010.09.10 22:36:50 | 000,421,376 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010.09.10 22:36:50 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010.09.10 22:36:50 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010.09.10 22:36:50 | 000,036,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2010.09.10 22:36:48 | 020,817,408 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2010.09.10 22:36:46 | 007,451,648 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2010.09.10 22:36:46 | 000,268,288 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2010.09.10 22:36:46 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2010.09.10 22:36:46 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2010.09.10 22:36:46 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2010.09.10 22:36:46 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2010.09.10 22:36:46 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010.09.10 22:36:45 | 000,018,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2010.09.10 22:36:45 | 000,016,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2010.09.10 22:36:45 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2010.09.10 22:36:45 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2010.09.10 22:36:45 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2010.09.10 22:36:44 | 003,899,392 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2010.09.10 22:36:44 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010.09.10 22:36:43 | 005,394,432 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2010.09.10 22:36:43 | 000,450,560 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2010.09.10 22:36:43 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2010.09.10 22:36:43 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2010.09.10 22:36:42 | 004,341,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2010.09.10 22:36:42 | 000,241,664 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2010.09.10 22:36:42 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2010.09.10 22:36:42 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2010.09.10 22:36:42 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2010.09.10 22:36:42 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2010.09.10 22:36:42 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010.09.10 02:28:44 | 002,347,008 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\LWCtPl.dll
[2010.09.10 02:28:41 | 000,356,352 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\WMWizard.dll
[2010.09.10 02:28:41 | 000,163,840 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysWow64\WmJoyFrc.dll
[2010.09.10 02:28:41 | 000,086,016 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\W9xDAPI.dll
[2010.09.10 02:28:41 | 000,061,440 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\W9XdInst.dll
[2010.09.10 02:28:41 | 000,033,216 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysWow64\LFLoad.sys
[2010.09.10 02:28:41 | 000,027,388 | ---- | C] (Immersion Corporation) -- C:\Windows\SysWow64\drivers\ihidfilt.sys
[2010.09.10 02:28:41 | 000,017,280 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\drivers\LHidHi.sys
[2010.09.10 02:28:41 | 000,013,408 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysWow64\drivers\LHidLo.sys
[2010.09.10 02:28:41 | 000,010,432 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysWow64\drivers\LUsbSys.sys
[2010.09.10 02:28:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Logitech
[2010.09.09 21:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.09.09 21:13:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.09.09 21:09:53 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Local\2K Games
[2010.09.09 13:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2010.09.05 10:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2010.08.31 11:43:40 | 004,021,760 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2010.08.31 11:43:40 | 003,324,416 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2010.08.31 11:43:32 | 000,519,680 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2010.08.31 11:30:17 | 000,116,240 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtihdW76.sys
[2010.08.30 13:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2010.08.30 13:58:31 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Roaming\HP
[2010.08.30 13:56:01 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Local\HP
[2010.08.30 13:52:24 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010.08.30 13:52:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2010.08.30 13:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2010.08.30 13:51:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2010.08.30 13:50:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2010.08.30 13:50:17 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2010.08.30 13:33:48 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2010.08.30 12:57:03 | 000,000,000 | ---D | C] -- C:\Users\Venda\AppData\Roaming\OLYMPUS
[2010.08.30 12:56:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2010.08.30 12:55:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2010.08.30 12:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010.08.26 23:05:38 | 000,000,000 | ---D | C] -- C:\Users\Venda\Documents\BIMBO
[2010.08.24 19:33:26 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[1 C:\Users\Venda\AppData\Local\*.tmp files -> C:\Users\Venda\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.09.21 22:14:42 | 002,621,440 | -HS- | M] () -- C:\Users\Venda\ntuser.dat
[2010.09.21 21:56:56 | 000,003,987 | ---- | M] () -- C:\Users\Venda\wincmd.ini
[2010.09.21 21:52:30 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.21 21:52:30 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.21 21:45:29 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.21 21:45:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.21 21:45:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.21 21:45:03 | 3193,581,568 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.21 21:44:26 | 007,061,940 | -H-- | M] () -- C:\Users\Venda\AppData\Local\IconCache.db
[2010.09.21 21:38:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.21 18:10:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Venda\Desktop\OTL.exe
[2010.09.21 17:47:45 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.21 17:47:45 | 000,622,660 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.09.21 17:47:45 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.21 17:47:45 | 000,118,810 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.09.21 17:47:45 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.21 16:03:06 | 000,000,903 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.09.20 23:29:13 | 000,000,833 | ---- | M] () -- C:\Users\Venda\Desktop\BAKALÁŘSKÁ_PRÁCE – zástupce.lnk
[2010.09.20 23:26:05 | 000,002,686 | ---- | M] () -- C:\Windows\TRNCOM.INI
[2010.09.20 23:25:27 | 000,000,814 | ---- | M] () -- C:\Users\Venda\Desktop\Slovník.lnk
[2010.09.20 23:25:27 | 000,000,814 | ---- | M] () -- C:\Users\Venda\Desktop\PC Translator 2009.lnk
[2010.09.20 23:25:27 | 000,000,814 | ---- | M] () -- C:\Users\Venda\Desktop\DicMan.lnk
[2010.09.15 18:35:22 | 002,655,607 | ---- | M] () -- C:\Users\Venda\Desktop\389751007271_31479.mp4
[2010.09.12 21:59:04 | 000,000,801 | ---- | M] () -- C:\Users\Venda\Desktop\launcher – zástupce.lnk
[2010.09.10 23:36:58 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2010.09.09 13:39:57 | 000,002,069 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.09.05 19:41:34 | 000,000,919 | ---- | M] () -- C:\Users\Venda\Desktop\Age of Empires III.lnk
[2010.09.05 10:39:34 | 000,000,651 | ---- | M] () -- C:\Users\Public\Desktop\gBurner.lnk
[2010.09.02 21:42:34 | 000,000,000 | -H-- | M] () -- C:\Users\Venda\Documents\Default.rdp
[2010.08.31 11:57:25 | 000,524,288 | -HS- | M] () -- C:\Users\Venda\ntuser.dat{2bbfdf33-b4e1-11df-b7b3-0026b900d528}.TMContainer00000000000000000002.regtrans-ms
[2010.08.31 11:57:25 | 000,524,288 | -HS- | M] () -- C:\Users\Venda\ntuser.dat{2bbfdf33-b4e1-11df-b7b3-0026b900d528}.TMContainer00000000000000000001.regtrans-ms
[2010.08.31 11:57:25 | 000,065,536 | -HS- | M] () -- C:\Users\Venda\ntuser.dat{2bbfdf33-b4e1-11df-b7b3-0026b900d528}.TM.blf
[2010.08.31 07:19:12 | 002,441,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010.08.30 22:31:55 | 000,342,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.30 13:58:21 | 000,223,791 | ---- | M] () -- C:\Windows\hpoins18.dat
[2010.08.30 13:56:09 | 000,000,438 | ---- | M] () -- C:\Windows\win.ini
[2010.08.30 13:56:02 | 000,084,520 | ---- | M] () -- C:\Users\Venda\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.30 13:52:49 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2010.08.30 13:52:22 | 000,001,061 | ---- | M] () -- C:\Users\Public\Desktop\Centrum řešení HP.lnk
[2010.08.30 12:56:29 | 000,000,744 | ---- | M] () -- C:\Users\Public\Desktop\OLYMPUS Master.lnk
[2010.08.26 23:18:26 | 000,001,747 | ---- | M] () -- C:\Users\Venda\Desktop\Bimbuška.lnk
[1 C:\Users\Venda\AppData\Local\*.tmp files -> C:\Users\Venda\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.09.21 16:03:06 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator.lnk
[2010.09.20 23:29:13 | 000,000,833 | ---- | C] () -- C:\Users\Venda\Desktop\BAKALÁŘSKÁ_PRÁCE – zástupce.lnk
[2010.09.20 23:26:05 | 000,002,686 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2010.09.20 23:25:27 | 000,000,814 | ---- | C] () -- C:\Users\Venda\Desktop\Slovník.lnk
[2010.09.20 23:25:27 | 000,000,814 | ---- | C] () -- C:\Users\Venda\Desktop\PC Translator 2009.lnk
[2010.09.20 23:25:27 | 000,000,814 | ---- | C] () -- C:\Users\Venda\Desktop\DicMan.lnk
[2010.09.15 18:35:21 | 002,655,607 | ---- | C] () -- C:\Users\Venda\Desktop\389751007271_31479.mp4
[2010.09.12 21:59:04 | 000,000,801 | ---- | C] () -- C:\Users\Venda\Desktop\launcher – zástupce.lnk
[2010.09.10 23:51:34 | 001,155,109 | ---- | C] () -- C:\Users\Venda\Desktop\NfSMWcz.exe
[2010.09.10 23:38:09 | 000,167,936 | ---- | C] () -- C:\Users\Venda\Desktop\sd4hide.exe
[2010.09.10 23:36:58 | 000,000,771 | ---- | C] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2010.09.10 22:36:52 | 000,523,968 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2010.09.10 22:36:51 | 000,523,968 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2010.09.10 22:36:48 | 000,022,053 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.09.10 22:36:45 | 000,219,348 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2010.09.10 22:36:42 | 000,071,096 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2010.09.10 02:28:41 | 000,040,519 | ---- | C] () -- C:\Windows\SysWow64\LXLCore.VxD
[2010.09.10 02:28:41 | 000,034,272 | ---- | C] () -- C:\Windows\SysWow64\Ljoy.VxD
[2010.09.10 02:28:41 | 000,022,659 | ---- | C] () -- C:\Windows\SysWow64\Lserial.VxD
[2010.09.10 02:28:41 | 000,019,620 | ---- | C] () -- C:\Windows\SysWow64\LJoyFrc.vxd
[2010.09.10 02:28:41 | 000,016,680 | ---- | C] () -- C:\Windows\SysWow64\LDigital.VxD
[2010.09.10 02:28:41 | 000,011,428 | ---- | C] () -- C:\Windows\SysWow64\LUsbVxd.vxd
[2010.09.10 02:28:41 | 000,009,196 | ---- | C] () -- C:\Windows\SysWow64\LJoyV.VxD
[2010.09.10 02:28:41 | 000,006,243 | ---- | C] () -- C:\Windows\SysWow64\LAnalog.VxD
[2010.09.09 13:39:57 | 000,002,069 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.09.05 19:41:34 | 000,000,919 | ---- | C] () -- C:\Users\Venda\Desktop\Age of Empires III.lnk
[2010.09.05 10:39:34 | 000,000,651 | ---- | C] () -- C:\Users\Public\Desktop\gBurner.lnk
[2010.09.02 21:42:34 | 000,000,000 | -H-- | C] () -- C:\Users\Venda\Documents\Default.rdp
[2010.08.31 11:43:38 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.08.31 11:43:38 | 000,002,857 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2010.08.31 11:23:12 | 000,524,288 | -HS- | C] () -- C:\Users\Venda\ntuser.dat{2bbfdf33-b4e1-11df-b7b3-0026b900d528}.TMContainer00000000000000000002.regtrans-ms
[2010.08.31 11:23:12 | 000,524,288 | -HS- | C] () -- C:\Users\Venda\ntuser.dat{2bbfdf33-b4e1-11df-b7b3-0026b900d528}.TMContainer00000000000000000001.regtrans-ms
[2010.08.31 11:23:12 | 000,065,536 | -HS- | C] () -- C:\Users\Venda\ntuser.dat{2bbfdf33-b4e1-11df-b7b3-0026b900d528}.TM.blf
[2010.08.30 13:52:49 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2010.08.30 13:52:21 | 000,001,061 | ---- | C] () -- C:\Users\Public\Desktop\Centrum řešení HP.lnk
[2010.08.30 13:34:23 | 000,223,791 | ---- | C] () -- C:\Windows\hpoins18.dat
[2010.08.30 13:34:23 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2010.08.30 12:56:29 | 000,000,744 | ---- | C] () -- C:\Users\Public\Desktop\OLYMPUS Master.lnk
[2010.08.30 12:23:04 | 000,001,819 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010.08.26 23:18:26 | 000,001,747 | ---- | C] () -- C:\Users\Venda\Desktop\Bimbuška.lnk
[2010.08.16 11:53:26 | 000,000,017 | ---- | C] () -- C:\Users\Venda\AppData\Local\resmon.resmoncfg
[2010.07.27 16:12:13 | 000,008,192 | ---- | C] () -- C:\Users\Venda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[1998.01.16 21:38:02 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\EasyRegistry.dll

========== LOP Check ==========

[2010.03.17 21:12:25 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\DAEMON Tools Lite
[2010.09.21 16:42:52 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\ICQ
[2010.09.21 15:19:50 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\LangSoft
[2010.06.01 13:03:59 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Leadertech
[2010.08.14 21:49:58 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Nokia
[2010.07.27 16:12:57 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Nokia Ovi Suite
[2010.08.30 12:57:03 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\OLYMPUS
[2010.07.26 02:06:49 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\PC Suite
[2010.09.21 19:28:48 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\Spyware Terminator
[2010.09.21 17:53:47 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\uTorrent
[2010.05.04 16:20:39 | 000,000,000 | ---D | M] -- C:\Users\Venda\AppData\Roaming\XnView
[2010.09.06 17:12:44 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: log check after trojan removal

#15 Post by motji »

Fine, it looks good. In a few days, post an OTL log here again for a check, to see whether anything was left behind :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting your computer :!:

I am usually reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.
