Totalni zpomaleni netu

Zpráva

#61 Příspěvek od **motji** » 03 pro 2010 00:50

Poprosím o nový log ze rsitu.
Odinstaloval jste ten advanced system care? dejte pryč i Ad aware a pak udělejte ten log ze Rsitu, at vidím co tam je nebo není.
Naděje umírá poslední, na reinstal času dost

memart · #62 Příspěvek od **memart** » 03 pro 2010 17:13

Zdravim

Noo, oba jsou pryc (Adv. Sys. Care & Ad-Aware).Log zde:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Ing. Markovic at 2010-12-03 17:05:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 72 GB (64%) free of 113 GB
Total RAM: 2046 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:05:37, on 3.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17091)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tenda\Common\RaRegistry.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tenda\Common\RaUI.exe
C:\Program Files\VoipGain.com\VoipGain\VoipGain.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Avant Browser\ybrowser.exe
C:\Documents and Settings\Ing. Markovic\Local Settings\Temporary Internet Files\Content.IE5\L6R3P3A8\RSIT[1].exe
C:\Program Files\trend micro\Ing. Markovic.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [SAOB Monitor] C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Služba Acronis Scheduler2] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Tenda Wireless Utility.lnk = C:\Program Files\Tenda\Common\RaUI.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\program files\iobit\advanced systemcare 3\spictrl.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Tenda\Common\RaRegistry.exe

--
End of file - 4732 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-23 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-23 3908192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SAOB Monitor"=C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2010-09-02 2536752]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-09-23 5502312]
"Služba Acronis Scheduler2"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2010-09-23 391144]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-09-08 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
E:\Alcohol120\Alcohol 120\axcmd.exe [2009-04-24 203928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-04-03 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
C:\Program Files\IGN\Download Manager\DLM.exe [2009-05-14 1103216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2010-11-11 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-09-29 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-09-02 672632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-09-08 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-06 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-10-21 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^AutoUpdate Monitor.lnk]
D:\PROGRA~1\AUTOUP~1\ALMon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Rychlý začátek s aplikací HP Photosmart Premier.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2006-02-10 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Tenda W311U.lnk]
C:\Program Files\Tenda\W311U\UI.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Ing. Markovic^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.1.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-05-15 384512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"STI Simulator"=2
"StarWindServiceAE"=2
"ose"=3
"odserv"=3
"npggsvc"=3
"LightScribeService"=2
"JavaQuickStarterService"=2
"idsvc"=3
"gupdate"=2
"DAUpdaterSvc"=3
"avg9wd"=2
"ATI Smart"=2
"Ati HotKey Poller"=2
"afcdpsrv"=2
"avast! Web Scanner"=3
"avast! Mail Scanner"=3
"avast! Antivirus"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Tenda Wireless Utility.lnk - C:\Program Files\Tenda\Common\RaUI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-07-07 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoResolveTrack"=1
"HonorAutoRunSetting"=1
"NoDrives"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Skype old\Skype.exe"="C:\Program Files\Skype\Skype old\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:PowerDVD"
"C:\WINDOWS\System32\DPNSvr.exe"="C:\WINDOWS\System32\DPNSvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\System32\dxdiag.exe"="C:\WINDOWS\System32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"E:\Dragon Age\bin_ship\daorigins.exe"="E:\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"E:\Dragon Age\DAOriginsLauncher.exe"="E:\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"E:\Dragon Age\bin_ship\daupdatersvc.service.exe"="E:\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"D:\Program Files\TelMe - DeskCall NG\DeskCallEvo.exe"="D:\Program Files\TelMe - DeskCall NG\DeskCallEvo.exe:*:Enabled:DeskCallEvo"
"D:\Program Files\PoivY\PoivY.exe"="D:\Program Files\PoivY\PoivY.exe:*:Enabled:PoivY"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\VoipGain.com\VoipGain\VoipGain.exe"="C:\Program Files\VoipGain.com\VoipGain\VoipGain.exe:*:Enabled:VoipGain"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-12-02 20:20:41 ----SHD---- C:\Recycled
2010-12-02 17:07:12 ----A---- C:\ComboFix.txt
2010-12-02 10:48:12 ----D---- C:\Program Files\SeaMonkey
2010-12-02 10:43:40 ----D---- C:\Program Files\Opera
2010-12-02 10:41:34 ----D---- C:\Documents and Settings\Ing. Markovic\Data aplikací\Maxthon3
2010-12-02 10:34:59 ----D---- C:\Program Files\Mozilla Firefox
2010-11-30 10:46:17 ----D---- C:\Documents and Settings\Ing. Markovic\Data aplikací\VoipGain
2010-11-30 10:42:57 ----D---- C:\Program Files\VoipGain.com
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\W32N55.INI
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\W32N55.dll
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\ssleay32.dll
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\Scutum.dll
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\RalinkGina.dll
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\libeay32.dll
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\drivers\Scutum50.sys
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\DiagFunc.ini
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\DiagFunc.dll
2010-11-29 04:29:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Tenda Driver
2010-11-28 22:33:26 ----D---- C:\FOUND.008
2010-11-27 22:27:11 ----D---- C:\Program Files\Gepard
2010-11-27 21:45:38 ----D---- C:\Documents and Settings\Ing. Markovic\Data aplikací\Lunascape
2010-11-27 21:30:38 ----D---- C:\Program Files\Lunascape
2010-11-27 19:19:19 ----D---- C:\Documents and Settings\Ing. Markovic\Data aplikací\Flock
2010-11-27 18:35:45 ----D---- C:\Documents and Settings\Ing. Markovic\Data aplikací\Netscape
2010-11-27 18:35:39 ----D---- C:\Program Files\Netscape
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-11-27 11:10:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-11-27 11:10:25 ----D---- C:\Program Files\Alwil Software
2010-11-27 11:10:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-11-27 10:53:12 ----D---- C:\Program Files\HD Tune
2010-11-27 01:01:04 ----D---- C:\WINDOWS\temp
2010-11-27 00:22:41 ----D---- C:\rsit
2010-11-27 00:22:41 ----D---- C:\Program Files\trend micro
2010-11-26 21:01:36 ----D---- C:\FOUND.007
2010-11-26 20:42:04 ----RASHD---- C:\cmdcons
2010-11-26 20:30:53 ----A---- C:\WINDOWS\zip.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\SWSC.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\SWREG.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\sed.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\PEV.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\NIRCMD.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\MBR.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\grep.exe
2010-11-26 20:06:14 ----ASH---- C:\hiberfil.sys
2010-11-26 18:20:39 ----D---- C:\WINDOWS\CSC
2010-11-26 09:52:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2010-11-26 00:04:52 ----A---- C:\WINDOWS\ndinst.exe
2010-11-25 10:05:52 ----D---- C:\Program Files\ConduitEngine
2010-11-25 10:05:40 ----D---- C:\Program Files\InnoGames_EN
2010-11-23 13:13:58 ----D---- C:\Program Files\ICQ6Toolbar
2010-11-23 13:13:31 ----D---- C:\Program Files\ICQ7.2
2010-11-20 20:37:46 ----A---- C:\WINDOWS\ntbtlog.txt
2010-11-20 20:37:42 ----D---- C:\FOUND.006
2010-11-19 16:03:56 ----A---- C:\WINDOWS\system32\RaCoInst.dll
2010-11-19 16:03:56 ----A---- C:\WINDOWS\system32\drivers\rt2870.sys
2010-11-19 16:03:56 ----A---- C:\WINDOWS\system32\drivers\AegisP.sys
2010-11-19 16:03:53 ----D---- C:\Program Files\Tenda
2010-11-17 22:42:28 ----A---- C:\WINDOWS\system32\drivers\afcdp.sys
2010-11-17 22:42:27 ----A---- C:\WINDOWS\system32\drivers\tdrpm273.sys
2010-11-17 22:42:24 ----A---- C:\WINDOWS\system32\drivers\timntr.sys
2010-11-17 22:42:20 ----A---- C:\WINDOWS\system32\drivers\snapman.sys
2010-11-17 22:42:11 ----D---- C:\Program Files\Acronis
2010-11-17 22:42:09 ----D---- C:\Program Files\Common Files\Acronis
2010-11-17 22:40:29 ----D---- C:\Documents and Settings\Ing. Markovic\Data aplikací\Acronis
2010-11-17 22:40:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Acronis
2010-11-13 14:58:40 ----D---- C:\Program Files\iPod
2010-11-13 10:12:15 ----D---- C:\Program Files\PC Connectivity Solution
2010-11-13 10:11:53 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2010-11-13 10:11:52 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2010-11-13 10:11:51 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2010-11-13 10:11:50 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-11-13 10:11:50 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-11-13 10:11:50 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-11-13 10:10:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache

======List of files/folders modified in the last 1 months======

2010-12-03 16:51:26 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-02 17:05:58 ----A---- C:\WINDOWS\system.ini
2010-12-02 16:45:44 ----A---- C:\WINDOWS\win.ini
2010-12-02 15:44:52 ----RASH---- C:\boot.ini
2010-12-02 11:11:18 ----A---- C:\WINDOWS\WININIT.INI
2010-11-29 10:30:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-27 12:37:56 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-26 19:45:16 ----A---- C:\Boot.bak
2010-11-10 23:56:38 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-05-13 111808]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2010-11-17 170464]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-09-30 721904]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\WINDOWS\system32\DRIVERS\tdrpm273.sys [2010-11-17 752128]
R0 timounter;Acronis Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2010-11-17 600928]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-05-13 79488]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-11-19 21419]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 Scutum50;Scutum50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\Scutum50.sys [2009-12-10 19072]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-07-07 5069312]
R3 cm102u32;C-Media CM6501 Like Sound Interface; C:\WINDOWS\system32\drivers\c6501.sys [2006-09-05 1419968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-06 12928]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2010-04-14 827488]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2003-08-12 60255]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
S3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2010-11-17 163232]
S3 aipk7epv;aipk7epv; C:\WINDOWS\system32\drivers\aipk7epv.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 c65013264;C-Media CM6501 Like Sound UDAX Interface; C:\WINDOWS\system32\drivers\c6501.sys [2006-09-05 1419968]
S3 catchme;catchme; \??\C:\DOCUME~1\ING~1.MAR\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CO_Mon;CO_Mon; \??\C:\WINDOWS\system32\Drivers\CO_Mon.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-07-05 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-07-05 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-07-05 21568]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 npkcrypt;npkcrypt; \??\C:\Program Files\L2 - Hellbound\system1\npkcrypt.sys []
S3 npkcusb;npkcusb; \??\C:\Program Files\L2 - Hellbound\system1\npkcusb.sys []
S3 npkycryp;npkycryp; \??\C:\Program Files\L2 - Hellbound\system1\npkycryp.sys []
S3 PAC7311;Phenix-Q8; C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2005-10-18 154752]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 SQ931;USB 2.0 Video Camera; C:\WINDOWS\System32\Drivers\Capt931a.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2003-12-23 549421]
S3 TKFsAc;TKFsAc; \??\C:\WINDOWS\system32\TKFsAc2k.sys []
S3 TKFsAv;TKFsAv; \??\C:\WINDOWS\system32\TKFsAv2k.sys []
S3 TKFsFt;TKFsFt; \??\C:\WINDOWS\system32\TKFsFt2k.sys []
S3 TKRgAc;TKRgAc; \??\C:\WINDOWS\system32\TKRgAc2k.sys []
S3 TKRgFt;TKRgFt; \??\C:\WINDOWS\system32\TKRgFtXp.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 780368]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files\Tenda\Common\RaRegistry.exe [2009-12-10 185632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S4 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-11-17 3975088]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-07-07 602112]
S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S4 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; E:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S4 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-13 136176]
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-11-11 820008]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-05-15 79400]
S4 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE []
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S4 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-04-15 2722845]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S4 StarWindServiceAE;StarWind AE Service; E:\Alcohol120\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S4 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S4 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-09-21 1247600]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

#63 Příspěvek od **motji** » 03 pro 2010 21:39

Furt jsou tam nějaké zbytky

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

memart · #64 Příspěvek od **memart** » 04 pro 2010 01:18

OTL:

OTL logfile created on: 4.12.2010 1:03:11 - Run 3
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ing. Markovic\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 110,14 Gb Total Space | 70,30 Gb Free Space | 63,83% Space Free | Partition Type: FAT32
Drive D: | 40,47 Gb Total Space | 17,42 Gb Free Space | 43,05% Space Free | Partition Type: FAT32
Drive E: | 142,52 Gb Total Space | 53,34 Gb Free Space | 37,42% Space Free | Partition Type: NTFS
Drive H: | 1009,72 Mb Total Space | 730,42 Mb Free Space | 72,34% Space Free | Partition Type: FAT

Computer Name: NESA | User Name: Ing. Markovic | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.12.04 01:01:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ing. Markovic\Plocha\OTL.exe
PRC - [2010.10.25 10:50:06 | 001,413,432 | ---- | M] (Avant Force) -- C:\Program Files\Avant Browser\avant.exe
PRC - [2010.10.25 10:50:06 | 001,384,248 | ---- | M] (Avant Force) -- C:\Program Files\Avant Browser\ybrowser.exe
PRC - [2010.09.23 15:59:56 | 000,391,144 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2010.09.23 15:59:48 | 000,780,368 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2010.09.23 15:57:06 | 005,502,312 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.09.02 16:49:40 | 002,536,752 | ---- | M] (Acronis) -- C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
PRC - [2010.06.13 14:01:50 | 000,379,392 | ---- | M] () -- C:\Program Files\Tenda\Common\RaUI.exe
PRC - [2009.12.10 11:16:08 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Tenda\Common\RaRegistry.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.10.26 13:45:04 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WISPTIS.EXE

========== Modules (SafeList) ==========

MOD - [2010.12.04 01:01:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ing. Markovic\Plocha\OTL.exe
MOD - [2010.08.23 18:12:34 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE -- (LiveUpdate)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2010.11.17 22:42:30 | 003,975,088 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010.10.16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.09.23 15:59:48 | 000,780,368 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.09.07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 17:12:00 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.12.10 11:16:08 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Tenda\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2009.07.26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [Disabled | Stopped] -- E:\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009.04.15 01:15:00 | 002,722,845 | ---- | M] (INCA Internet Co., Ltd.) [Disabled | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2007.09.21 21:30:50 | 001,247,600 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Disabled | Stopped] -- E:\Alcohol120\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2005.01.14 09:32:38 | 000,053,248 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Capt931a.sys -- (SQ931)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\L2 - Hellbound\system1\npkycryp.sys -- (npkycryp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\L2 - Hellbound\system1\npkcusb.sys -- (npkcusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\L2 - Hellbound\system1\npkcrypt.sys -- (npkcrypt)
DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ING~1.MAR\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\AmdLLD.sys -- (AmdLLD)
DRV - [2010.11.17 22:42:30 | 000,163,232 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2010.11.17 22:42:28 | 000,752,128 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV - [2010.11.17 22:42:28 | 000,600,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010.11.17 22:42:22 | 000,170,464 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010.09.07 16:52:26 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 16:52:04 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 16:47:20 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 16:47:08 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 16:46:52 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.07.15 09:13:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010.07.07 04:27:52 | 005,069,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.04.14 18:39:20 | 000,827,488 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2010.02.26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.10 11:16:14 | 000,019,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2009.12.09 15:10:54 | 000,079,584 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsFt2k.sys -- (TKFsFt)
DRV - [2009.09.30 22:40:46 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.08.24 13:21:28 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2009.05.27 17:10:00 | 000,024,704 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKRgFtXp.sys -- (TKRgFt)
DRV - [2009.05.13 17:54:20 | 000,041,984 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKRgAc2k.sys -- (TKRgAc)
DRV - [2009.04.21 09:06:20 | 000,088,864 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsAc2k.sys -- (TKFsAc)
DRV - [2009.04.21 09:06:20 | 000,031,488 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsAv2k.sys -- (TKFsAv)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.04.13 18:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2007.10.13 23:06:22 | 000,028,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007.08.20 20:22:18 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.12.28 18:44:44 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006.09.05 16:04:38 | 001,419,968 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\c6501.sys -- (cm102u32)
DRV - [2006.09.05 16:04:38 | 001,419,968 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\c6501.sys -- (c65013264)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.10.18 11:48:38 | 000,154,752 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PA707UCM.SYS -- (PAC7311)
DRV - [2005.05.17 17:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005.04.06 03:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.04.06 03:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004.08.13 03:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004.05.13 15:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.05.13 13:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.23 21:23:04 | 000,549,421 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.08.12 14:51:30 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.autocont.cz
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.autocont.cz
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3292285946-3697291689-1907411925-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3292285946-3697291689-1907411925-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "About:Blank"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.11
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {942cd1d4-9cc1-4d31-876a-ea8f489f7a59}:3.2.5.2
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.09.29 13:25:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.11.13 10:12:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.02 10:35:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.02 10:35:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.6\extensions\\Components: C:\Program Files\Netscape\Navigator 9\components [2010.11.27 18:35:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Navigator 9.0.0.6\extensions\\Plugins: C:\Program Files\Netscape\Navigator 9\plugins [2010.11.27 18:35:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.9\extensions\\Components: C:\Program Files\SeaMonkey\components [2010.12.02 10:48:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.9\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2010.12.02 10:48:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.11.13 10:12:26 | 000,000,000 | ---D | M]

[2010.09.29 21:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla\Extensions
[2010.11.27 19:57:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2010.11.27 20:19:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2010.09.29 21:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla\Firefox\Profiles\7cq9bdj7.default\extensions
[2010.11.13 11:51:44 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla\Firefox\Profiles\7cq9bdj7.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.10.01 07:53:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla\Firefox\Profiles\7cq9bdj7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.23 13:13:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla\Firefox\Profiles\7cq9bdj7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.11.25 09:58:52 | 000,000,000 | ---D | M] (InnoGames EN Community Toolbar) -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla\Firefox\Profiles\7cq9bdj7.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}
[2010.11.21 02:29:46 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla\Firefox\Profiles\7cq9bdj7.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.11.25 09:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla\Firefox\Profiles\7cq9bdj7.default\extensions\engine@conduit.com
[2010.11.27 19:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla\SeaMonkey\Profiles\0ft2h7i4.default\extensions
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla\Firefox\Profiles\7cq9bdj7.default\searchplugins\icqplugin.xml
[2010.12.02 10:35:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.10.27 06:19:36 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.10.27 06:19:36 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.10.27 06:19:36 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.10.27 06:19:36 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.10.27 06:19:36 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.11.29 23:09:52 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3292285946-3697291689-1907411925-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-3292285946-3697291689-1907411925-1005\..\Toolbar\WebBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SAOB Monitor] C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Služba Acronis Scheduler2] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Tenda Wireless Utility.lnk = C:\Program Files\Tenda\Common\RaUI.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3292285946-3697291689-1907411925-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3292285946-3697291689-1907411925-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3292285946-3697291689-1907411925-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3292285946-3697291689-1907411925-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-3292285946-3697291689-1907411925-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll (IObit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll (IObit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll (IObit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll (IObit)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.08.17 10:12:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 30 Days ==========

[2010.12.04 01:01:21 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ing. Markovic\Plocha\OTL.exe
[2010.12.03 14:56:01 | 000,000,000 | ---D | C] -- d:\Documents and Settings\Ing. Markovic\Dokumenty\VoIP
[2010.12.02 20:20:41 | 000,000,000 | -HSD | C] -- C:\Recycled
[2010.12.02 10:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\SeaMonkey
[2010.12.02 10:43:40 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.12.02 10:41:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Maxthon3
[2010.12.02 10:34:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010.11.30 10:46:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\VoipGain
[2010.11.30 10:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\VoipGain.com
[2010.11.29 04:30:01 | 001,085,440 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libeay32.dll
[2010.11.29 04:30:01 | 000,796,032 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\Scutum.dll
[2010.11.29 04:30:01 | 000,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssleay32.dll
[2010.11.29 04:30:01 | 000,180,224 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32N55.dll
[2010.11.29 04:30:01 | 000,152,968 | ---- | C] (Ralink Tech) -- C:\WINDOWS\System32\RalinkGina.dll
[2010.11.29 04:30:01 | 000,019,072 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\Scutum50.sys
[2010.11.29 04:29:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Tenda Driver
[2010.11.29 00:11:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Plocha\2009_1110_RT3070_Linux_STA_v2.1.2.0
[2010.11.28 22:33:26 | 000,000,000 | ---D | C] -- C:\FOUND.008
[2010.11.27 22:27:11 | 000,000,000 | ---D | C] -- C:\Program Files\Gepard
[2010.11.27 22:25:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\Chromium
[2010.11.27 21:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Lunascape
[2010.11.27 21:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\Lunascape
[2010.11.27 19:19:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\Flock
[2010.11.27 19:19:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Flock
[2010.11.27 18:35:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\Netscape
[2010.11.27 18:35:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Netscape
[2010.11.27 18:35:39 | 000,000,000 | ---D | C] -- C:\Program Files\Netscape
[2010.11.27 15:48:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\Opera
[2010.11.27 14:53:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\InnoGames_EN
[2010.11.27 11:10:39 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.11.27 11:10:39 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.11.27 11:10:39 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.11.27 11:10:39 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.11.27 11:10:39 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.11.27 11:10:39 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.11.27 11:10:39 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.11.27 11:10:32 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.11.27 11:10:32 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.11.27 11:10:25 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.11.27 11:10:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.11.27 10:53:12 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2010.11.27 01:18:46 | 000,642,632 | ---- | C] (EFD Software ) -- d:\Documents and Settings\Ing. Markovic\Dokumenty\SUTRA hdtune_255.exe
[2010.11.27 01:01:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.11.27 00:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.11.27 00:22:41 | 000,000,000 | ---D | C] -- C:\rsit
[2010.11.26 21:01:36 | 000,000,000 | ---D | C] -- C:\FOUND.007
[2010.11.26 20:42:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.11.26 20:30:53 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.11.26 20:30:53 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.11.26 20:30:53 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.11.26 20:30:53 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.11.26 18:20:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2010.11.26 09:52:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2010.11.25 10:05:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\InnoGames_EN
[2010.11.25 10:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\ConduitEngine
[2010.11.25 10:05:52 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2010.11.25 10:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\InnoGames_EN
[2010.11.23 13:13:58 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2010.11.23 13:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\AOL
[2010.11.23 13:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.2
[2010.11.20 20:37:42 | 000,000,000 | ---D | C] -- C:\FOUND.006
[2010.11.19 16:03:56 | 000,827,488 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\drivers\rt2870.sys
[2010.11.19 16:03:56 | 000,238,944 | ---- | C] (Ralink Technology, Inc.) -- C:\WINDOWS\System32\RaCoInst.dll
[2010.11.19 16:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\Tenda
[2010.11.17 22:42:28 | 000,163,232 | ---- | C] (Acronis) -- C:\WINDOWS\System32\drivers\afcdp.sys
[2010.11.17 22:42:27 | 000,752,128 | ---- | C] (Acronis) -- C:\WINDOWS\System32\drivers\tdrpm273.sys
[2010.11.17 22:42:24 | 000,600,928 | ---- | C] (Acronis) -- C:\WINDOWS\System32\drivers\timntr.sys
[2010.11.17 22:42:20 | 000,170,464 | ---- | C] (Acronis) -- C:\WINDOWS\System32\drivers\snapman.sys
[2010.11.17 22:42:11 | 000,000,000 | ---D | C] -- C:\Program Files\Acronis
[2010.11.17 22:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Acronis
[2010.11.17 22:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Acronis
[2010.11.17 22:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2010.11.13 17:05:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\NokiaAccount
[2010.11.13 14:58:40 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.11.13 10:14:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\Nokia
[2010.11.13 10:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010.11.13 10:11:53 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2010.11.13 10:11:52 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2010.11.13 10:11:51 | 000,022,528 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2010.11.13 10:11:50 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfcoinstaller01009.dll
[2010.11.13 10:11:50 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010.11.13 10:11:50 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010.11.13 10:10:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache

========== Files - Modified Within 30 Days ==========

[2010.12.04 01:01:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ing. Markovic\Plocha\OTL.exe
[2010.12.04 00:09:02 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.03 16:52:28 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.03 16:52:24 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.03 16:52:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.12.03 16:52:14 | 2145,898,496 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.03 10:19:34 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.12.02 16:09:40 | 003,983,662 | R--- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\ComboFix.exe
[2010.12.02 15:44:52 | 000,000,310 | RHS- | M] () -- C:\boot.ini
[2010.12.02 11:11:18 | 000,000,068 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2010.12.02 10:48:16 | 000,001,473 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\SeaMonkey.lnk
[2010.12.02 10:43:44 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.12.02 10:35:02 | 000,001,511 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2010.12.01 19:05:32 | 002,668,192 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Intervju s Divljom S.mp3
[2010.12.01 18:25:38 | 000,328,192 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\KVIZ PITANJE1.doc
[2010.12.01 14:23:32 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.12.01 13:44:30 | 000,001,618 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Netscape Navigator.lnk
[2010.11.30 10:43:00 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\VoipGain.lnk
[2010.11.29 17:03:42 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Ceska_(engleske) litva.xls
[2010.11.29 12:15:38 | 000,001,383 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\HijackThis.lnk
[2010.11.29 10:30:40 | 000,518,156 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.11.29 10:30:40 | 000,512,820 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.11.29 10:30:40 | 000,111,566 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.11.29 10:30:40 | 000,096,006 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.11.29 04:30:02 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Tenda Wireless Utility.lnk
[2010.11.29 04:29:58 | 000,000,489 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Tenda Wireless Utility.lnk
[2010.11.28 12:43:58 | 000,122,652 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Albion Gr. 2010-11-19-08-54-09_Obchodnik_AJ.pdf
[2010.11.28 12:43:20 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.27 22:27:12 | 000,001,549 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Gepard internet 2005 2.0.lnk
[2010.11.27 19:18:00 | 012,720,216 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\flock-ns.exe
[2010.11.27 15:15:10 | 000,165,820 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Vse zalozky.7z
[2010.11.27 14:53:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.11.27 12:37:56 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.27 12:10:24 | 000,017,534 | ---- | M] () -- C:\WINDOWS\System32\mdc8021x.vxd
[2010.11.27 12:10:24 | 000,001,726 | ---- | M] () -- C:\WINDOWS\ndinst.exe
[2010.11.27 11:10:40 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.11.27 11:10:40 | 000,001,609 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.11.27 10:53:14 | 000,000,522 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\HD Tune.lnk
[2010.11.27 00:02:26 | 000,001,251 | ---- | M] () -- C:\CF-Submit.htm
[2010.11.26 19:45:16 | 000,000,264 | ---- | M] () -- C:\Boot.bak
[2010.11.25 11:53:28 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\ESETSmartInstaller.exe.lnk
[2010.11.25 11:47:36 | 000,000,932 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\OnlineScannerApp.exe.lnk
[2010.11.23 19:26:14 | 000,225,280 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\CV-N.M En.doc
[2010.11.23 19:05:34 | 003,318,934 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\SOS-DEKOARCE.pdf
[2010.11.23 13:14:12 | 000,001,396 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ICQ7.2.lnk
[2010.11.23 12:44:44 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Aurora toys.lnk
[2010.11.23 11:32:16 | 000,226,304 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\CV-N.M cz.doc
[2010.11.22 14:54:46 | 000,049,664 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\SPOLUPRACE BIOHEM - prv.doc
[2010.11.19 19:10:28 | 000,334,983 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\VISAGEBGcoRS - katalog.pdf
[2010.11.17 22:42:30 | 000,163,232 | ---- | M] (Acronis) -- C:\WINDOWS\System32\drivers\afcdp.sys
[2010.11.17 22:42:28 | 000,752,128 | ---- | M] (Acronis) -- C:\WINDOWS\System32\drivers\tdrpm273.sys
[2010.11.17 22:42:28 | 000,600,928 | ---- | M] (Acronis) -- C:\WINDOWS\System32\drivers\timntr.sys
[2010.11.17 22:42:22 | 000,170,464 | ---- | M] (Acronis) -- C:\WINDOWS\System32\drivers\snapman.sys
[2010.11.17 22:42:18 | 000,000,999 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Acronis Online Backup.lnk
[2010.11.17 22:42:18 | 000,000,773 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Acronis True Image Home 2011.lnk
[2010.11.17 20:44:50 | 000,001,638 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.11.14 20:10:34 | 000,000,686 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DivX Plus Player.lnk
[2010.11.14 15:48:32 | 000,334,983 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Nasa koza - katalog.pdf
[2010.11.14 14:38:20 | 001,894,458 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - Poslovna.pdf
[2010.11.14 14:37:16 | 003,412,435 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - Specijalna.pdf
[2010.11.14 14:36:30 | 000,490,163 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - Putna.pdf
[2010.11.14 14:35:26 | 002,608,353 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - Sitna.pdf
[2010.11.14 14:34:30 | 001,004,906 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - skolska.pdf
[2010.11.14 14:33:36 | 003,302,731 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - zenska.pdf
[2010.11.14 14:33:18 | 001,893,481 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - muska.pdf
[2010.11.13 17:33:46 | 053,921,943 | ---- | M] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\snickers-cs-2010.pdf
[2010.11.13 14:59:04 | 000,001,451 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\iTunes.lnk
[2010.11.13 10:45:48 | 000,226,816 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Global BIOHEM Work - SISTEM POSLOVANJA.doc
[2010.11.13 10:13:54 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nokia Ovi Suite.lnk
[2010.11.09 23:49:38 | 000,001,412 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Mapa znaků.lnk
[2010.11.09 21:29:32 | 000,001,412 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Malování.lnk
[2010.11.09 16:14:16 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.11.08 01:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe

========== Files Created - No Company Name ==========

[2010.12.02 10:48:14 | 000,001,473 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\SeaMonkey.lnk
[2010.12.02 10:43:42 | 000,000,501 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.12.02 10:35:01 | 000,001,511 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2010.12.01 18:28:49 | 002,668,192 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Intervju s Divljom S.mp3
[2010.12.01 18:24:59 | 000,328,192 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\KVIZ PITANJE1.doc
[2010.11.30 10:42:58 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\VoipGain.lnk
[2010.11.29 17:03:55 | 000,039,424 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Ceska_(engleske) litva.xls
[2010.11.29 04:30:01 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2010.11.29 04:30:01 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2010.11.29 04:30:01 | 000,000,516 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2010.11.29 04:30:00 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Tenda Wireless Utility.lnk
[2010.11.29 04:29:56 | 000,000,489 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Tenda Wireless Utility.lnk
[2010.11.28 12:43:57 | 000,122,652 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Albion Gr. 2010-11-19-08-54-09_Obchodnik_AJ.pdf
[2010.11.27 22:27:11 | 000,001,549 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Gepard internet 2005 2.0.lnk
[2010.11.27 19:11:46 | 012,720,216 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\flock-ns.exe
[2010.11.27 18:35:41 | 000,001,618 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Netscape Navigator.lnk
[2010.11.27 16:30:58 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.11.27 15:15:09 | 000,165,820 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Vse zalozky.7z
[2010.11.27 11:10:39 | 000,001,609 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.11.27 10:53:12 | 000,000,522 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\HD Tune.lnk
[2010.11.27 00:02:24 | 000,001,251 | ---- | C] () -- C:\CF-Submit.htm
[2010.11.26 20:30:53 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.11.26 20:30:53 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.11.26 20:30:53 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.11.26 20:30:53 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.11.26 20:30:53 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.11.26 20:06:14 | 2145,898,496 | -HS- | C] () -- C:\hiberfil.sys
[2010.11.26 19:23:40 | 003,983,662 | R--- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\ComboFix.exe
[2010.11.26 00:04:52 | 000,017,534 | ---- | C] () -- C:\WINDOWS\System32\mdc8021x.vxd
[2010.11.26 00:04:52 | 000,001,726 | ---- | C] () -- C:\WINDOWS\ndinst.exe
[2010.11.25 11:53:27 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\ESETSmartInstaller.exe.lnk
[2010.11.25 11:47:35 | 000,000,932 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\OnlineScannerApp.exe.lnk
[2010.11.23 19:05:23 | 003,318,934 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\SOS-DEKOARCE.pdf
[2010.11.23 13:14:11 | 000,001,396 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ICQ7.2.lnk
[2010.11.23 12:44:43 | 000,001,042 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Aurora toys.lnk
[2010.11.22 14:40:56 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\SPOLUPRACE BIOHEM - prv.doc
[2010.11.19 19:10:27 | 000,334,983 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\VISAGEBGcoRS - katalog.pdf
[2010.11.19 16:03:56 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2010.11.17 22:42:17 | 000,000,999 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Acronis Online Backup.lnk
[2010.11.17 22:42:17 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Acronis True Image Home 2011.lnk
[2010.11.14 20:10:33 | 000,000,686 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DivX Plus Player.lnk
[2010.11.14 15:48:31 | 000,334,983 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Nasa koza - katalog.pdf
[2010.11.14 14:38:18 | 001,894,458 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - Poslovna.pdf
[2010.11.14 14:37:13 | 003,412,435 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - Specijalna.pdf
[2010.11.14 14:36:28 | 000,490,163 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - Putna.pdf
[2010.11.14 14:35:24 | 002,608,353 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - Sitna.pdf
[2010.11.14 14:34:24 | 001,004,906 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - skolska.pdf
[2010.11.14 14:33:34 | 003,302,731 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - zenska.pdf
[2010.11.14 14:33:17 | 001,893,481 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\Merkur1926 - muska.pdf
[2010.11.13 17:32:39 | 053,921,943 | ---- | C] () -- d:\Documents and Settings\Ing. Markovic\Dokumenty\snickers-cs-2010.pdf
[2010.11.13 14:59:03 | 000,001,451 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\iTunes.lnk
[2010.11.13 10:45:23 | 000,226,816 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Plocha\Global BIOHEM Work - SISTEM POSLOVANJA.doc
[2010.11.13 10:13:51 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nokia Ovi Suite.lnk
[2009.12.25 16:12:38 | 000,000,216 | ---- | C] () -- C:\WINDOWS\level.ini
[2009.12.25 16:12:38 | 000,000,107 | ---- | C] () -- C:\WINDOWS\tmp2Level.ini
[2009.09.30 22:40:45 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\SPTD.sys
[2009.08.24 13:21:26 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009.08.03 11:03:27 | 001,511,424 | ---- | C] () -- C:\WINDOWS\System32\sn3win.dll
[2009.04.25 01:22:28 | 000,001,631 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2009.04.25 00:39:58 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.04.24 21:25:46 | 000,000,068 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009.04.01 16:21:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\b19b61b3-5755-4341-b721-acc96052d07f
[2009.03.27 21:03:35 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\c6501rm.dll
[2008.11.23 13:54:11 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.11.23 13:54:11 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.11.01 13:55:38 | 000,000,063 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008.05.08 10:55:36 | 000,074,981 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Data aplikací\NMM-MetaData.db
[2008.04.03 21:32:35 | 000,819,200 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008.04.03 21:32:35 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008.01.01 12:32:01 | 000,002,916 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.11.23 21:18:59 | 000,000,124 | ---- | C] () -- C:\WINDOWS\System32\l2host.ini
[2007.11.20 23:19:48 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\addr_file.html
[2007.10.25 14:25:50 | 000,000,331 | ---- | C] () -- C:\WINDOWS\DUO.INI
[2007.09.18 15:17:43 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\CO_Mon.sys
[2007.09.02 23:11:05 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2007.09.02 22:38:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\unrar.dll
[2007.09.02 16:11:48 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.08.23 11:04:37 | 000,049,664 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.20 23:29:09 | 000,549,421 | R--- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys
[2007.08.20 20:19:09 | 000,007,843 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007.08.20 20:18:57 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007.08.20 19:48:11 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\fusioncache.dat
[2007.08.17 14:00:39 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007.08.17 13:42:45 | 000,000,391 | ---- | C] () -- C:\WINDOWS\COVERE~1.INI
[2007.08.17 10:07:42 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.05.02 23:38:24 | 000,000,748 | ---- | C] () -- C:\WINDOWS\SetBrowser.ini
[2006.03.09 16:01:24 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\ahook.dll
[2004.08.13 03:56:20 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2001.07.07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1980.01.01 00:00:00 | 000,014,060 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[1980.01.01 00:00:00 | 000,000,223 | ---- | C] () -- C:\WINDOWS\System32\BOOTBAK.INI

========== LOP Check ==========
...
Pokracovani dal...

memart · #65 Příspěvek od **memart** » 04 pro 2010 01:19

II cast OTL:

[2007.08.17 11:57:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2007.08.17 13:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2007.11.20 23:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avg7
[2008.05.08 09:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2008.05.08 09:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.01.23 14:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.01.23 15:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2009.04.03 15:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\2DBoy
[2009.04.11 14:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009.04.29 13:56:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Funcom
[2009.07.18 21:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.07.29 12:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.08.24 13:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2009.12.24 20:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BioWare
[2010.01.05 16:23:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2010.04.03 18:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sophos
[2010.07.08 17:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2010.10.30 14:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.11.13 10:10:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2010.11.17 22:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2010.11.26 09:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2010.11.27 11:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.11.29 04:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tenda Driver
[2010.11.25 23:10:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\IObit
[2007.08.21 01:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\ICQ
[2007.08.21 01:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\ICQ Toolbar
[2007.09.02 23:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\TRIWORKS
[2007.09.13 09:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Image Zone Express
[2007.10.21 23:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\GetRightToGo
[2008.05.08 09:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\PC Suite
[2008.05.08 09:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Nokia
[2008.05.08 10:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Datalayer
[2008.09.11 01:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\DeskCallNG
[2008.11.22 23:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Acreon
[2008.11.27 14:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Printer Info Cache
[2008.12.21 20:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\uTorrent
[2009.01.07 19:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Ashampoo
[2009.02.09 20:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\TeamViewer
[2009.02.09 22:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\DeskCallEvo
[2009.07.20 17:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\IObit
[2009.07.29 01:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\OpenOffice.org
[2009.08.14 00:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Opera
[2009.08.24 13:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Spyware Terminator
[2009.08.28 20:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\DNA
[2009.10.05 15:34:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Thunderbird
[2009.10.22 18:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Land Of Runes
[2010.01.27 11:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Uniblue
[2010.04.03 16:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\FreeFixer
[2010.05.06 14:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\PhotoFiltre
[2010.06.04 22:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\FileZilla
[2010.09.16 11:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\PoivY
[2010.11.17 22:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Acronis
[2010.11.27 18:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Netscape
[2010.11.27 19:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Flock
[2010.11.27 21:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Lunascape
[2010.11.30 10:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\VoipGain
[2010.12.02 10:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Maxthon3
[2010.12.03 10:19:34 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\not active]
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2007.08.17 10:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Identities
[2007.08.17 13:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Ahead
[2007.08.17 13:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\CyberLink
[2007.08.17 10:07:22 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Microsoft
[2007.08.21 01:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Skype
[2007.08.21 01:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Mozilla
[2007.08.21 01:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Macromedia
[2007.08.21 01:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\ICQ
[2007.08.21 01:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\ICQ Toolbar
[2007.08.21 17:23:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Adobe
[2007.08.21 23:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\IGN_DLM
[2007.08.28 00:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\AdobeUM
[2007.09.02 23:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\TRIWORKS
[2007.09.12 21:53:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\HP
[2007.09.13 09:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Image Zone Express
[2007.09.23 20:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Google
[2007.10.02 01:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\WinRAR
[2007.10.09 21:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Apple Computer
[2007.10.15 17:01:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Sun
[2007.10.19 18:38:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\OpenOffice.org2
[2007.10.21 20:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\InstallShield
[2007.10.21 23:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\GetRightToGo
[2007.12.01 21:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Ventrilo
[2008.05.08 09:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\PC Suite
[2008.05.08 09:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Nokia
[2008.05.08 10:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Datalayer
[2008.05.29 23:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\ATI
[2008.05.29 23:32:14 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\SecuROM
[2008.09.11 01:20:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\DeskCallNG
[2008.11.01 13:45:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Real
[2008.11.22 23:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Acreon
[2008.11.27 14:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Printer Info Cache
[2008.12.21 20:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\uTorrent
[2009.01.07 19:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Ashampoo
[2009.02.09 20:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\TeamViewer
[2009.02.09 22:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\DeskCallEvo
[2009.07.17 18:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\teamspeak2
[2009.07.18 14:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Malwarebytes
[2009.07.20 17:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\IObit
[2009.07.23 10:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\SUPERAntiSpyware.com
[2009.07.29 01:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\OpenOffice.org
[2009.08.14 00:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Opera
[2009.08.24 13:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Spyware Terminator
[2009.08.28 20:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\DNA
[2009.10.05 15:34:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Thunderbird
[2009.10.22 18:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Land Of Runes
[2010.01.27 11:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Uniblue
[2010.03.03 20:27:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Lavasoft
[2010.04.03 16:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\FreeFixer
[2010.05.06 14:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\PhotoFiltre
[2010.05.15 12:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\PSpad
[2010.06.04 22:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\FileZilla
[2010.08.08 19:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\DivX
[2010.09.16 11:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\PoivY
[2010.10.30 13:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Avant Profiles
[2010.11.17 22:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Acronis
[2010.11.27 18:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Netscape
[2010.11.27 19:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Flock
[2010.11.27 21:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Lunascape
[2010.11.30 10:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\VoipGain
[2010.12.02 10:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Maxthon3

< %APPDATA%\*.exe /s >
[2008.11.22 23:17:40 | 000,272,384 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Acreon\WowMatrix\Modules\curl.exe
[2009.07.21 15:56:06 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Ing. Markovic\Data aplikací\Microsoft\Installer\{4CCC7F68-A437-4559-A840-F5E010934951}\ARPPRODUCTICON.exe
[2010.06.25 10:08:10 | 000,583,168 | ---- | M] () -- C:\Documents and Settings\Ing. Markovic\Data aplikací\OpenOffice.org\3\user\uno_packages\cache\uno_packages\43.tmp_\sun-pdfimport.oxt\xpdfimport.exe

< MD5 for: AGP440.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.05.16 20:59:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.05.16 20:59:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: AHCIX86.SYS >
[2008.03.08 03:24:52 | 000,176,136 | ---- | M] (AMD Technologies Inc.) MD5=B6E729A575F84938A08D367E8352EB86 -- C:\ATI\8-5_xp32_dd_ccc_wdm_enu_63030\SBDrv\RAID7xx\x86\ahcix86.sys
[2008.03.08 03:24:52 | 000,176,136 | ---- | M] (AMD Technologies Inc.) MD5=B6E729A575F84938A08D367E8352EB86 -- C:\ATI\SUPPORT\8-6_xp32_dd_ccc_wdm_enu_64783\SBDrv\RAID7xx\x86\ahcix86.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.05.16 20:59:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.05.16 20:59:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.05.16 20:59:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.05.16 20:59:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 05:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:12:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:40 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:hal.dll
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.05.16 20:59:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.05.16 20:59:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.03.02 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:Changer.sys
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.05.16 20:59:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.05.16 20:59:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.05.16 20:59:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.05.16 20:59:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 05:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.03.02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATA.SYS >
[2005.05.17 17:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:22:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2006.03.02 14:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\I386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2007.10.30 18:20:56 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=ACCF5A9A1FFAA490F33DBA1C632B95E1 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.04.20 14:18:36 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 05:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.09.30 22:40:46 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\SPTD.sys

< %systemroot%\System32\config\*.sav >
[2007.08.17 10:06:36 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
[2007.08.17 10:06:36 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007.08.17 10:06:36 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.12.03 16:52:28 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

========== Files - Unicode (All) ==========
[2009.11.04 20:19:42 | 000,000,000 | ---D | M](C:\Documents and Settings\Ing. Markovic\Data aplikací\???????sAppData) -- C:\Documents and Settings\Ing. Markovic\Data aplikací\敎潲䍄敔灭慬整sAppData
[2009.11.04 20:19:42 | 000,000,000 | ---D | M](C:\Documents and Settings\Ing. Markovic\Data aplikací\???????sAppData) -- C:\Documents and Settings\Ing. Markovic\Data aplikací\敎潲䍄敔灭慬整sAppData
(C:\Documents and Settings\Ing. Markovic\Data aplikací\???????sAppData) -- C:\Documents and Settings\Ing. Markovic\Data aplikací\敎潲䍄敔灭慬整sAppData

< End of report >

memart · #66 Příspěvek od **memart** » 04 pro 2010 01:32

...ale Extras.txt se zadne neotevrelo, ani jsem ho nenasel ulozeneho???
Nevim, sice DOS se bleskne narychlo 2x, ale jen OTL.txt se otevre

#67 Příspěvek od **motji** » 04 pro 2010 09:01

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Capt931a.sys -- (SQ931)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL)
DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3292285946-3697291689-1907411925-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-3292285946-3697291689-1907411925-1005\..\Toolbar\WebBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Reg Error: Value error. File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll (IObit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll (IObit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll (IObit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll (IObit)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde

Extras se nevytvořil, nevadí. Tímto skriptem vyčistíme ještě zbytky po Advanced system care a uvidíme.

Kontrolu disku jsme dělali,že? a HD tune? Já už se na těch 5 stránkách trochu ztrácím

memart · #68 Příspěvek od **memart** » 04 pro 2010 11:55

Jdu na to

Kontrolu disku jsme delali a HD-tune take (strana 2), hehe - ja mam jen toto

memart · #69 Příspěvek od **memart** » 04 pro 2010 15:35

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Service SQ931 stopped successfully!
Service SQ931 deleted successfully!
File C:\WINDOWS\System32\Drivers\Capt931a.sys not found.
Service SASKUTIL stopped successfully!
Service SASKUTIL deleted successfully!
File C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys not found.
Service Lbd stopped successfully!
Service Lbd deleted successfully!
File C:\WINDOWS\System32\DRIVERS\Lbd.sys not found.
Service Lavasoft Kernexplorer stopped successfully!
Service Lavasoft Kernexplorer deleted successfully!
File C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files\ConduitEngine\ConduitEngine.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\ConduitEngine.dll not found.
Registry value HKEY_USERS\S-1-5-21-3292285946-3697291689-1907411925-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\S-1-5-21-3292285946-3697291689-1907411925-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ deleted successfully.
C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ deleted successfully.
File C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ deleted successfully.
File C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000025\ deleted successfully.
File C:\Program Files\IObit\Advanced SystemCare 3\SPICtrl.dll not found.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\temp\_avast5_\unp89066100.tmp moved successfully.
C:\WINDOWS\temp\_avast5_\unp131243245.tmp moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: All Users

User: NetworkService
->Temporary Internet Files folder emptied: 571956 bytes

User: LocalService
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 0 bytes

User: Administrator
->Temporary Internet Files folder emptied: 0 bytes

User: Ing. Markovic
->Temporary Internet Files folder emptied: 79924275 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 2048 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 514842 bytes

Total Files Cleaned = 77,00 mb

[EMPTYFLASH]

User: Default User

User: All Users

User: NetworkService

User: LocalService
->Flash cache emptied: 0 bytes

User: Administrator

User: Ing. Markovic
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.

OTL by OldTimer - Version 3.2.17.3 log created on 12042010_152828

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

memart · #70 Příspěvek od **memart** » 04 pro 2010 16:01

Hmmm, nova Opera je bajecna!

#71 Příspěvek od **motji** » 04 pro 2010 18:21

memart píše:Hmmm, nova Opera je bajecna!

nechápu

Poprosím o nový log ze Rsitu, a nahlaste, jak to vypadá

memart · #72 Příspěvek od **memart** » 04 pro 2010 19:20

Nechapete?
Nerozumim??

´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´´
Ale slecno Radkine, vzdyt v tom bylo napsane vse

))
"Nova opera je krasna" - koukala ste?

VZDYT STE BAJECNA !!!

B i n g o o o !!!

!!! ---> VY STE TO ZVLADLA, JDE TO

Vsechny prohlizeci fachci!!!

DEKUJI !!!

#73 Příspěvek od **motji** » 04 pro 2010 23:03

teď jste mě dostal, navíc dnes mám nějaké dlouhé vedení a ještě třikrát zamotané kolem stodoly

.
A já to nevyřešila, to kolega Stell, s kterým jsem to konzultovala, jemu patří dík (díky Stell

). Pravděpodobně za to mohl Advanced system care, možná Ad aware a zbytky po různých antivirových programech.

Ještě znovu spustte OTL, klikněte na tlačítko vyčisti, uklidí po sobě

A znovu poprosím o ten nový rsit

memart · #74 Příspěvek od **memart** » 05 pro 2010 00:12

Prvni ten RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Ing. Markovic at 2010-12-05 00:10:49
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 71 GB (63%) free of 113 GB
Total RAM: 2046 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:10:59, on 5.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17091)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tenda\Common\RaRegistry.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tenda\Common\RaUI.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Avant Browser\ybrowser.exe
C:\Program Files\Avant Browser\ybrowser.exe
C:\Documents and Settings\Ing. Markovic\Local Settings\Temporary Internet Files\Content.IE5\73H9FAFV\RSIT[1].exe
C:\Program Files\trend micro\Ing. Markovic.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SAOB Monitor] C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Služba Acronis Scheduler2] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Tenda Wireless Utility.lnk = C:\Program Files\Tenda\Common\RaUI.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Tenda\Common\RaRegistry.exe

--
End of file - 4144 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SAOB Monitor"=C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2010-09-02 2536752]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-09-23 5502312]
"Služba Acronis Scheduler2"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2010-09-23 391144]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-09-08 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
E:\Alcohol120\Alcohol 120\axcmd.exe [2009-04-24 203928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Ing. Markovic\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-04-03 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
C:\Program Files\IGN\Download Manager\DLM.exe [2009-05-14 1103216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2010-11-11 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-09-29 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-09-02 672632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-09-08 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-06 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-10-21 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^AutoUpdate Monitor.lnk]
D:\PROGRA~1\AUTOUP~1\ALMon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Rychlý začátek s aplikací HP Photosmart Premier.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2006-02-10 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Tenda W311U.lnk]
C:\Program Files\Tenda\W311U\UI.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Ing. Markovic^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.1.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-05-15 384512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"STI Simulator"=2
"StarWindServiceAE"=2
"ose"=3
"odserv"=3
"npggsvc"=3
"LightScribeService"=2
"JavaQuickStarterService"=2
"idsvc"=3
"gupdate"=2
"DAUpdaterSvc"=3
"avg9wd"=2
"ATI Smart"=2
"Ati HotKey Poller"=2
"afcdpsrv"=2
"avast! Web Scanner"=3
"avast! Mail Scanner"=3
"avast! Antivirus"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Tenda Wireless Utility.lnk - C:\Program Files\Tenda\Common\RaUI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-07-07 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoResolveTrack"=1
"HonorAutoRunSetting"=1
"NoDrives"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Skype old\Skype.exe"="C:\Program Files\Skype\Skype old\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:PowerDVD"
"C:\WINDOWS\System32\DPNSvr.exe"="C:\WINDOWS\System32\DPNSvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\System32\dxdiag.exe"="C:\WINDOWS\System32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"E:\Dragon Age\bin_ship\daorigins.exe"="E:\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"E:\Dragon Age\DAOriginsLauncher.exe"="E:\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"E:\Dragon Age\bin_ship\daupdatersvc.service.exe"="E:\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"D:\Program Files\TelMe - DeskCall NG\DeskCallEvo.exe"="D:\Program Files\TelMe - DeskCall NG\DeskCallEvo.exe:*:Enabled:DeskCallEvo"
"D:\Program Files\PoivY\PoivY.exe"="D:\Program Files\PoivY\PoivY.exe:*:Enabled:PoivY"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\VoipGain.com\VoipGain\VoipGain.exe"="C:\Program Files\VoipGain.com\VoipGain\VoipGain.exe:*:Enabled:VoipGain"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-12-04 17:27:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\RoboForm
2010-12-04 15:28:28 ----D---- C:\_OTL
2010-12-02 20:20:41 ----SHD---- C:\Recycled
2010-12-02 17:07:12 ----A---- C:\ComboFix.txt
2010-12-02 10:48:12 ----D---- C:\Program Files\SeaMonkey
2010-12-02 10:43:40 ----D---- C:\Program Files\Opera
2010-12-02 10:41:34 ----D---- C:\Documents and Settings\Ing. Markovic\Data aplikací\Maxthon3
2010-12-02 10:34:59 ----D---- C:\Program Files\Mozilla Firefox
2010-11-30 10:46:17 ----D---- C:\Documents and Settings\Ing. Markovic\Data aplikací\VoipGain
2010-11-30 10:42:57 ----D---- C:\Program Files\VoipGain.com
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\W32N55.INI
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\W32N55.dll
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\ssleay32.dll
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\Scutum.dll
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\RalinkGina.dll
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\libeay32.dll
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\drivers\Scutum50.sys
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\DiagFunc.ini
2010-11-29 04:30:01 ----A---- C:\WINDOWS\system32\DiagFunc.dll
2010-11-29 04:29:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Tenda Driver
2010-11-28 22:33:26 ----D---- C:\FOUND.008
2010-11-27 22:27:11 ----D---- C:\Program Files\Gepard
2010-11-27 21:45:38 ----D---- C:\Documents and Settings\Ing. Markovic\Data aplikací\Lunascape
2010-11-27 21:30:38 ----D---- C:\Program Files\Lunascape
2010-11-27 19:19:19 ----D---- C:\Documents and Settings\Ing. Markovic\Data aplikací\Flock
2010-11-27 18:35:45 ----D---- C:\Documents and Settings\Ing. Markovic\Data aplikací\Netscape
2010-11-27 18:35:39 ----D---- C:\Program Files\Netscape
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-11-27 11:10:39 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-11-27 11:10:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-11-27 11:10:25 ----D---- C:\Program Files\Alwil Software
2010-11-27 11:10:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-11-27 10:53:12 ----D---- C:\Program Files\HD Tune
2010-11-27 01:01:04 ----D---- C:\WINDOWS\temp
2010-11-27 00:22:41 ----D---- C:\rsit
2010-11-27 00:22:41 ----D---- C:\Program Files\trend micro
2010-11-26 21:01:36 ----D---- C:\FOUND.007
2010-11-26 20:42:04 ----RASHD---- C:\cmdcons
2010-11-26 20:30:53 ----A---- C:\WINDOWS\zip.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\SWSC.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\SWREG.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\sed.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\PEV.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\NIRCMD.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\MBR.exe
2010-11-26 20:30:53 ----A---- C:\WINDOWS\grep.exe
2010-11-26 20:06:14 ----ASH---- C:\hiberfil.sys
2010-11-26 18:20:39 ----D---- C:\WINDOWS\CSC
2010-11-26 09:52:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2010-11-26 00:04:52 ----A---- C:\WINDOWS\ndinst.exe
2010-11-25 10:05:52 ----D---- C:\Program Files\ConduitEngine
2010-11-25 10:05:40 ----D---- C:\Program Files\InnoGames_EN
2010-11-23 13:13:58 ----D---- C:\Program Files\ICQ6Toolbar
2010-11-23 13:13:31 ----D---- C:\Program Files\ICQ7.2
2010-11-20 20:37:46 ----A---- C:\WINDOWS\ntbtlog.txt
2010-11-20 20:37:42 ----D---- C:\FOUND.006
2010-11-19 16:03:56 ----A---- C:\WINDOWS\system32\RaCoInst.dll
2010-11-19 16:03:56 ----A---- C:\WINDOWS\system32\drivers\rt2870.sys
2010-11-19 16:03:56 ----A---- C:\WINDOWS\system32\drivers\AegisP.sys
2010-11-19 16:03:53 ----D---- C:\Program Files\Tenda
2010-11-17 22:42:28 ----A---- C:\WINDOWS\system32\drivers\afcdp.sys
2010-11-17 22:42:27 ----A---- C:\WINDOWS\system32\drivers\tdrpm273.sys
2010-11-17 22:42:24 ----A---- C:\WINDOWS\system32\drivers\timntr.sys
2010-11-17 22:42:20 ----A---- C:\WINDOWS\system32\drivers\snapman.sys
2010-11-17 22:42:11 ----D---- C:\Program Files\Acronis
2010-11-17 22:42:09 ----D---- C:\Program Files\Common Files\Acronis
2010-11-17 22:40:29 ----D---- C:\Documents and Settings\Ing. Markovic\Data aplikací\Acronis
2010-11-17 22:40:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Acronis
2010-11-13 14:58:40 ----D---- C:\Program Files\iPod
2010-11-13 10:12:15 ----D---- C:\Program Files\PC Connectivity Solution
2010-11-13 10:11:53 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2010-11-13 10:11:52 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2010-11-13 10:11:51 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2010-11-13 10:11:50 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-11-13 10:11:50 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-11-13 10:11:50 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-11-13 10:10:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache

======List of files/folders modified in the last 1 months======

2010-12-05 00:05:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-02 17:05:58 ----A---- C:\WINDOWS\system.ini
2010-12-02 16:45:44 ----A---- C:\WINDOWS\win.ini
2010-12-02 15:44:52 ----RASH---- C:\boot.ini
2010-12-02 11:11:18 ----A---- C:\WINDOWS\WININIT.INI
2010-11-29 10:30:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-27 12:37:56 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-26 19:45:16 ----A---- C:\Boot.bak
2010-11-10 23:56:38 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-05-13 111808]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2010-11-17 170464]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-09-30 721904]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\WINDOWS\system32\DRIVERS\tdrpm273.sys [2010-11-17 752128]
R0 timounter;Acronis Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2010-11-17 600928]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-05-13 79488]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-11-19 21419]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 Scutum50;Scutum50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\Scutum50.sys [2009-12-10 19072]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-07-07 5069312]
R3 cm102u32;C-Media CM6501 Like Sound Interface; C:\WINDOWS\system32\drivers\c6501.sys [2006-09-05 1419968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-06 12928]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2010-04-14 827488]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2003-08-12 60255]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
S3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2010-11-17 163232]
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 avfjyb1h;avfjyb1h; C:\WINDOWS\system32\drivers\avfjyb1h.sys []
S3 c65013264;C-Media CM6501 Like Sound UDAX Interface; C:\WINDOWS\system32\drivers\c6501.sys [2006-09-05 1419968]
S3 catchme;catchme; \??\C:\DOCUME~1\ING~1.MAR\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CO_Mon;CO_Mon; \??\C:\WINDOWS\system32\Drivers\CO_Mon.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-07-05 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-07-05 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-07-05 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 npkcrypt;npkcrypt; \??\C:\Program Files\L2 - Hellbound\system1\npkcrypt.sys []
S3 npkcusb;npkcusb; \??\C:\Program Files\L2 - Hellbound\system1\npkcusb.sys []
S3 npkycryp;npkycryp; \??\C:\Program Files\L2 - Hellbound\system1\npkycryp.sys []
S3 PAC7311;Phenix-Q8; C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2005-10-18 154752]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2003-12-23 549421]
S3 TKFsAc;TKFsAc; \??\C:\WINDOWS\system32\TKFsAc2k.sys []
S3 TKFsAv;TKFsAv; \??\C:\WINDOWS\system32\TKFsAv2k.sys []
S3 TKFsFt;TKFsFt; \??\C:\WINDOWS\system32\TKFsFt2k.sys []
S3 TKRgAc;TKRgAc; \??\C:\WINDOWS\system32\TKRgAc2k.sys []
S3 TKRgFt;TKRgFt; \??\C:\WINDOWS\system32\TKRgFtXp.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 780368]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files\Tenda\Common\RaRegistry.exe [2009-12-10 185632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S4 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-11-17 3975088]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-07-07 602112]
S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-03-17 593920]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S4 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; E:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S4 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-13 136176]
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-11-11 820008]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-05-15 79400]
S4 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE []
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S4 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-04-15 2722845]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S4 StarWindServiceAE;StarWind AE Service; E:\Alcohol120\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S4 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S4 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-09-21 1247600]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

memart · #75 Příspěvek od **memart** » 05 pro 2010 00:22

Tak, to jsem pustil OTL a dal vycistit (pro vse uzivatele).
Ani 3 vteriny to nepracovalo a hned restart

Pak zmizli i OTL i ComboFix

No, to bylo!
A k tomu zvladnuti, ja vim ze nekdo poradil, ale o tom to je, na to jsou teamy!
Nevzdavala ste to a ja jsem myslel ze to nejde vyresit jen tak a uz jsem cekal to hnusne preinstalovani...
Jsem proste prijemne prekvapen a mam radost

))))))))))

Ale ted nevim jestli jsem vubec mel nejakeho vira, nebo jen ty pozustatky a nahodna kombinace noveho internetu a tech restlu?

VIRY.CZ

Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu

Re: Totalni zpomaleni netu