Vírus v Operačnej pamäti !

Zpráva

Leo151Cole · #1 Příspěvek od **Leo151Cole** » 19 pro 2010 12:20

Prosím čo mám robiť ak mám vírus v operačnej pamäti (píše to tam tabulku je to v nejakej zloťke win32 takže je to asi dôležite) a nejde vymazať ani liečiť ... ide len ponechať .... je to trojsky kôň ... neviem čo mám robiť je to škodlivé ? pokazí sa mi časom PC ? ... skúšal som sa vrátiť v čase a nepomohlo ... Prosím poradťe ešte rozmýšlam nad preinštaláciou celeho PC ale neviem či to pomoze ked je to v operacnej pameti ... Nepoznate niečo ? (mam Nod32 Eset antivirus)

#2 Příspěvek od **stell** » 19 pro 2010 12:28

Zdravim
Ano pozname,
PROSIM CITAJTE POZORNE NAVOD!!!,

Použij ComboFix podle tohoto návodu: http://www.bleepingcomputer.com/combofi ... t-combofix
Log znej vloz sem.

Leo151Cole · #3 Příspěvek od **Leo151Cole** » 19 pro 2010 18:51

Mám problem s tým programem, postupuji podle navodu ... dal sem to na plochu vypel sem vsetko aj antivirus a ked sem na to klikel a pustit presla pol hodinka a stale nic .... Co mam robit ked mi to proste nejde zapnut ?

#4 Příspěvek od **stell** » 19 pro 2010 20:22

Restart do nudzoveho rezimu
Stiahnite si prosím TDSSKiller a uložte ho na plochu.

2x-klik na TDSSKiller.exe- spustiť aplikáciu, potom na Spustiť kontrolu-klik- Start Scan.
Ak je infikovaný súbor detekovaný, bude predvolená akcia Cure, kliknite na tlačidlo Continue.
Ak podozrivý[suspicious] súbor je detekovaný, bude predvolená akcia Skip, kliknite na Continue.
Môže vás požiadať, aby ste reštartovali počítač na dokončenie procesu. Kliknite na Reboot Now.
Ak nevyžaduje reštart, kliknite na tlačidlo Report. Log súbor by sa mal objaviť. Prosím, skopírujte a vložte obsah súboru tu.
Ak je vyžadované reštartovanie počítača, správa je k dispozícii vo vašom koreňovom adresári (zvyčajne C:\ zložka) vo forme "TDSSKiller. _log.txt". Prosím, skopírujte a vložte obsah súboru tu.

Leo151Cole · #5 Příspěvek od **Leo151Cole** » 19 pro 2010 21:07

Asi mám pocit že vir je uz vymazany lebo na zacatku mi neukazal nic ze uz tam proste nic neni a za to dekuji ... len jeden problem ked sa restartoval pc tak mi to pisalo (modra obrazovka) ze ci nechcem nainstalovat nove XP a ja ze ne zrusil sem to a vratil sem sa do Home edition dobre sem urobil ? A ešte možem vymazat už to TDSS ? a tuto je ten vypis

2010/11/18 21:01:17.0859 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
2010/11/18 21:01:17.0859 ================================================================================
2010/11/18 21:01:17.0859 SystemInfo:
2010/11/18 21:01:17.0859
2010/11/18 21:01:17.0859 OS Version: 5.1.2600 ServicePack: 3.0
2010/11/18 21:01:17.0859 Product type: Workstation
2010/11/18 21:01:17.0859 ComputerName: KARKAS-30E3EB18
2010/11/18 21:01:17.0859 UserName: karkas
2010/11/18 21:01:17.0859 Windows directory: C:\WINDOWS
2010/11/18 21:01:17.0859 System windows directory: C:\WINDOWS
2010/11/18 21:01:17.0859 Processor architecture: Intel x86
2010/11/18 21:01:17.0859 Number of processors: 1
2010/11/18 21:01:17.0859 Page size: 0x1000
2010/11/18 21:01:17.0859 Boot type: Normal boot
2010/11/18 21:01:17.0859 ================================================================================
2010/11/18 21:01:18.0406 Initialize success
2010/11/18 21:01:31.0031 ================================================================================
2010/11/18 21:01:31.0031 Scan started
2010/11/18 21:01:31.0031 Mode: Manual;
2010/11/18 21:01:31.0031 ================================================================================
2010/11/18 21:01:32.0000 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/11/18 21:01:32.0093 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/11/18 21:01:32.0187 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\WINDOWS\system32\drivers\adfs.sys
2010/11/18 21:01:32.0406 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/11/18 21:01:32.0515 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/11/18 21:01:33.0000 ALCXWDM (d9026163ed32a13923a2c909897a6b87) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2010/11/18 21:01:33.0656 asusgsb (4342b1c77ca28ef80122ffe74592080d) C:\WINDOWS\system32\drivers\asusgsb.sys
2010/11/18 21:01:33.0734 asuskbnt (3744dbf2c31cf16df43eaab0ae943328) C:\WINDOWS\system32\drivers\atkkbnt.sys
2010/11/18 21:01:33.0843 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/11/18 21:01:33.0921 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/11/18 21:01:34.0156 ati2mtag (13013226f669dabb5e0bde3a3993b7a3) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2010/11/18 21:01:34.0343 atidgllk (fa3d0a10c59123dcd2675eff476834f1) C:\Program Files\ASUS\SmartDoctor\atidgllk.sys
2010/11/18 21:01:34.0500 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/11/18 21:01:34.0578 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/11/18 21:01:34.0703 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/11/18 21:01:34.0843 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/11/18 21:01:34.0968 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2010/11/18 21:01:35.0078 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/11/18 21:01:35.0203 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/11/18 21:01:35.0281 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/11/18 21:01:35.0718 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/11/18 21:01:35.0843 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2010/11/18 21:01:36.0000 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2010/11/18 21:01:36.0109 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/11/18 21:01:36.0234 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/11/18 21:01:36.0406 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/11/18 21:01:36.0531 DumaNT (5b40d257176b7c1ed4367532c737e8a7) C:\WINDOWS\system32\DRIVERS\dumant.sys
2010/11/18 21:01:36.0750 eamon (af82dc664e3d8e2cba3b95e68f6448a7) C:\WINDOWS\system32\DRIVERS\eamon.sys
2010/11/18 21:01:36.0859 ehdrv (686a799c1bf1b18941994daf9f45db06) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2010/11/18 21:01:37.0015 EIO (10d0ca0af295f49c365a2ee7bf820315) C:\WINDOWS\system32\drivers\EIO.sys
2010/11/18 21:01:37.0109 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
2010/11/18 21:01:37.0265 epfwtdir (3a7fba5c06dbcffc7d062fe705397a96) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
2010/11/18 21:01:37.0390 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/11/18 21:01:37.0546 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/11/18 21:01:37.0640 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2010/11/18 21:01:37.0718 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/11/18 21:01:37.0828 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/11/18 21:01:37.0953 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/11/18 21:01:38.0062 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/11/18 21:01:38.0171 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2010/11/18 21:01:38.0328 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/11/18 21:01:38.0390 hamachi (7929a161f9951d173ca9900fe7067391) C:\WINDOWS\system32\DRIVERS\hamachi.sys
2010/11/18 21:01:38.0625 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/11/18 21:01:38.0859 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/11/18 21:01:38.0921 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/11/18 21:01:39.0187 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/11/18 21:01:39.0281 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/11/18 21:01:39.0406 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/11/18 21:01:39.0468 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/11/18 21:01:39.0625 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/11/18 21:01:39.0703 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/11/18 21:01:39.0843 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/11/18 21:01:39.0906 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/11/18 21:01:40.0031 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/11/18 21:01:40.0125 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/11/18 21:01:40.0359 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/11/18 21:01:40.0484 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2010/11/18 21:01:40.0593 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/11/18 21:01:40.0703 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/11/18 21:01:40.0875 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/11/18 21:01:41.0031 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/11/18 21:01:41.0203 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/11/18 21:01:41.0296 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/11/18 21:01:41.0390 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/11/18 21:01:41.0500 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/11/18 21:01:41.0593 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/11/18 21:01:41.0687 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/11/18 21:01:41.0765 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/11/18 21:01:41.0890 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/11/18 21:01:42.0015 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/11/18 21:01:42.0109 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/11/18 21:01:42.0234 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/11/18 21:01:42.0343 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/11/18 21:01:42.0437 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/11/18 21:01:42.0562 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/11/18 21:01:42.0640 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/11/18 21:01:42.0750 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/11/18 21:01:42.0937 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/11/18 21:01:43.0046 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/11/18 21:01:43.0218 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/11/18 21:01:43.0296 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/11/18 21:01:43.0406 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/11/18 21:01:43.0562 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/11/18 21:01:43.0625 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/11/18 21:01:43.0750 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/11/18 21:01:43.0828 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/11/18 21:01:44.0046 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/11/18 21:01:44.0156 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/11/18 21:01:44.0640 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/11/18 21:01:44.0687 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
2010/11/18 21:01:44.0796 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/11/18 21:01:44.0906 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/11/18 21:01:45.0015 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/11/18 21:01:45.0359 RasAcd (7931f223c25292243a7103fce23c3e9a) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/11/18 21:01:45.0359 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\rasacd.sys. Real md5: 7931f223c25292243a7103fce23c3e9a, Fake md5: fe0d99d6f31e4fad8159f690d68ded9c
2010/11/18 21:01:45.0375 RasAcd - detected Rootkit.Win32.TDSS.tdl3 (0)
2010/11/18 21:01:45.0453 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/11/18 21:01:45.0546 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/11/18 21:01:45.0671 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/11/18 21:01:45.0765 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/11/18 21:01:45.0875 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/11/18 21:01:46.0015 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/11/18 21:01:46.0125 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/11/18 21:01:46.0296 SCDEmu (16b1abe7f3e35f21dac57592b6c5d464) C:\WINDOWS\system32\drivers\SCDEmu.sys
2010/11/18 21:01:46.0421 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/11/18 21:01:46.0531 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/11/18 21:01:46.0609 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/11/18 21:01:46.0703 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/11/18 21:01:46.0859 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/11/18 21:01:46.0984 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/11/18 21:01:47.0125 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/11/18 21:01:47.0234 Srv (da852e3e0bf1cea75d756f9866241e57) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/11/18 21:01:47.0421 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/11/18 21:01:47.0468 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/11/18 21:01:47.0593 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/11/18 21:01:47.0953 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/11/18 21:01:48.0093 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/11/18 21:01:48.0218 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/11/18 21:01:48.0281 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/11/18 21:01:48.0390 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/11/18 21:01:48.0609 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/11/18 21:01:48.0796 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/11/18 21:01:48.0937 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/11/18 21:01:49.0031 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/11/18 21:01:49.0109 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2010/11/18 21:01:49.0234 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/11/18 21:01:49.0296 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/11/18 21:01:49.0421 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/11/18 21:01:49.0515 VBoxDrv (bb2bf5e7078f05bac1e3dd523cb150f6) C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
2010/11/18 21:01:49.0640 VBoxNetAdp (87f80943992bda64bc2208f3ccd0d38a) C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
2010/11/18 21:01:49.0750 VBoxNetFlt (779a92465beb0f2a1ed180c09f0ffc0e) C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys
2010/11/18 21:01:49.0859 VBoxUSBMon (b6879530399e6a7c769f87467ba62b29) C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
2010/11/18 21:01:49.0937 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/11/18 21:01:50.0109 Video3D (9fe6c63d22abfea5c1d2b3efb9d31619) C:\WINDOWS\system32\Drivers\Video3D.sys
2010/11/18 21:01:50.0171 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/11/18 21:01:50.0328 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/11/18 21:01:50.0437 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/11/18 21:01:50.0578 WEBNTACCESS (d09ded944e4a7d99fc2a3046bfeded56) C:\WINDOWS\system32\NTACCESS.SYS
2010/11/18 21:01:50.0828 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2010/11/18 21:01:50.0968 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/11/18 21:01:51.0078 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/11/18 21:01:51.0187 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/11/18 21:01:51.0843 ================================================================================
2010/11/18 21:01:51.0843 Scan finished
2010/11/18 21:01:51.0843 ================================================================================
2010/11/18 21:01:51.0890 Detected object count: 1
2010/11/18 21:02:04.0640 RasAcd (7931f223c25292243a7103fce23c3e9a) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/11/18 21:02:04.0640 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\rasacd.sys. Real md5: 7931f223c25292243a7103fce23c3e9a, Fake md5: fe0d99d6f31e4fad8159f690d68ded9c
2010/11/18 21:02:06.0484 Backup copy found, using it..
2010/11/18 21:02:06.0546 C:\WINDOWS\system32\DRIVERS\rasacd.sys - will be cured after reboot
2010/11/18 21:02:06.0546 Rootkit.Win32.TDSS.tdl3(RasAcd) - User select action: Cure
2010/11/18 21:02:24.0812 Deinitialize success

#6 Příspěvek od **stell** » 19 pro 2010 21:11

Ano BSOD-ti prihral Rootkit TDL3, takto sa brani, ale este sme neskoncili, spust teraz combofix, a log vloz sem.

Leo151Cole · #7 Příspěvek od **Leo151Cole** » 19 pro 2010 22:29

Urobil som to ... ale ked sa restartoval Pc tak mi nedal na vyber a niečo som musel opraviť nejaký Windows XP balík tak a trvalo to cez 45 minut ... a ComboFix sa neulozil ... takze neviem co mam robit ... teraz to uz robit nemozem a ten txt sa proste neulozil a cele sa to muselo opravit a mal som na vyber este novy system ale dal som opravit .... Co mam robit mam to este raz ? Pretoze sa bojim

#8 Příspěvek od **motji** » 19 pro 2010 22:38

Dobrý večer, záskok za kolegu

Co přesně jste měl opravit? Potřeboval jste inst. cd?

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

start-spustit
do okénka zkopírujte

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t

ok

vytvoří se log s názvem mbr.log, vložte ho zde

Leo151Cole · #9 Příspěvek od **Leo151Cole** » 19 pro 2010 22:48

po tom ako vzniknu tie 2 logy tak obidva mam dat sem ? a potom kde najdem start ?

Leo151Cole · #10 Příspěvek od **Leo151Cole** » 19 pro 2010 22:58

OTL.txt nejde napísať pretože presahuje 60000 písmen ....

Extras :

OTL Extras logfile created on: 18. 11. 2010 22:43:26 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\karkas\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

1 023,00 Mb Total Physical Memory | 484,00 Mb Available Physical Memory | 47,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 40,33 Gb Free Space | 54,12% Space Free | Partition Type: NTFS
Drive E: | 38,28 Gb Total Space | 6,82 Gb Free Space | 17,83% Space Free | Partition Type: NTFS

Computer Name: KARKAS-30E3EB18 | User Name: karkas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1123561945-1177238915-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"58350:TCP" = 58350:TCP:*:Enabled:Pando Media Booster
"58350:UDP" = 58350:UDP:*:Enabled:Pando Media Booster
"1038:TCP" = 1038:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"E:\Metin2_CZ\metin2.bin" = E:\Metin2_CZ\metin2.bin:*:Enabled:metin2 -- ()
"E:\Metin2_CZ\metin2client.bin" = E:\Metin2_CZ\metin2client.bin:*:Enabled:metin2client -- ()
"E:\Program Files\Counter-Strike 1.6\hl.exe" = E:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ -- (ICQ, LLC.)
"C:\Program Files\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe" = C:\Program Files\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe:*:Enabled:jk2mp -- File not found
"E:\Program Files\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe" = E:\Program Files\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe:*:Enabled:jk2mp -- File not found
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"E:\Program Files\MotoGP2\motogp2.exe" = E:\Program Files\MotoGP2\motogp2.exe:*:Enabled:motogp2 -- ()
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"E:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe" = E:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"E:\Program Files\World of Warcraft\Launcher.exe" = E:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found
"C:\Documents and Settings\karkas\Dokumenty\metin35\mc.exe" = C:\Documents and Settings\karkas\Dokumenty\metin35\mc.exe:*:Enabled:mc -- File not found
"C:\Documents and Settings\karkas\Dokumenty\metin35\metin2.exe" = C:\Documents and Settings\karkas\Dokumenty\metin35\metin2.exe:*:Enabled:metin2 -- File not found
"C:\Documents and Settings\karkas\Dokumenty\metin35\newserver3.exe" = C:\Documents and Settings\karkas\Dokumenty\metin35\newserver3.exe:*:Enabled:newserver3 -- File not found
"C:\Documents and Settings\karkas\Dokumenty\skatemt2 remaked by MitchelMusso\Skatemt remaked by MitchelMusso\SkateMt2 remaked by MitchelMusso.exe" = C:\Documents and Settings\karkas\Dokumenty\skatemt2 remaked by MitchelMusso\Skatemt remaked by MitchelMusso\SkateMt2 remaked by MitchelMusso.exe:*:Enabled:SkateMt2 remaked by MitchelMusso -- File not found
"C:\Documents and Settings\karkas\Dokumenty\Metin2\LocMt2\mc.exe" = C:\Documents and Settings\karkas\Dokumenty\Metin2\LocMt2\mc.exe:*:Enabled:mc -- ()
"C:\Documents and Settings\karkas\Dokumenty\Metin2 Tester\mc.exe" = C:\Documents and Settings\karkas\Dokumenty\Metin2 Tester\mc.exe:*:Enabled:mc -- File not found
"C:\Documents and Settings\karkas\Dokumenty\ICQ\LOCMT2\LocMt2\Locmt2.exe" = C:\Documents and Settings\karkas\Dokumenty\ICQ\LOCMT2\LocMt2\Locmt2.exe:*:Enabled:Locmt2 -- File not found
"C:\Documents and Settings\karkas\Dokumenty\TheP0werMt2\mc.exe" = C:\Documents and Settings\karkas\Dokumenty\TheP0werMt2\mc.exe:*:Enabled:mc -- File not found
"C:\Documents and Settings\karkas\Dokumenty\LocMt2\mc.exe" = C:\Documents and Settings\karkas\Dokumenty\LocMt2\mc.exe:*:Enabled:mc -- File not found
"C:\Documents and Settings\karkas\Dokumenty\Mt2PServer\PortMap.exe" = C:\Documents and Settings\karkas\Dokumenty\Mt2PServer\PortMap.exe:*:Enabled:PortMap -- File not found
"C:\xampp\apache\bin\httpd.exe" = C:\xampp\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\xampp\mysql\bin\mysqld.exe" = C:\xampp\mysql\bin\mysqld.exe:*:Enabled:The MySQL Server -- (MySQL AB)
"C:\Documents and Settings\karkas\Dokumenty\HaZardMT2\HaZardMT2.exe" = C:\Documents and Settings\karkas\Dokumenty\HaZardMT2\HaZardMT2.exe:*:Enabled:HaZardMT2 -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programmi\LocMt2\Loc.bin" = C:\Programmi\LocMt2\Loc.bin:*:Enabled:Loc -- ()
"C:\Program Files\Java\jre6\launch4j-tmp\UltraMixer.exe" = C:\Program Files\Java\jre6\launch4j-tmp\UltraMixer.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\karkas\Dokumenty\LocMt2\metin2.exe" = C:\Documents and Settings\karkas\Dokumenty\LocMt2\metin2.exe:*:Enabled:metin2 -- File not found
"C:\Documents and Settings\karkas\Dokumenty\NNK\NNK\hl.exe" = C:\Documents and Settings\karkas\Dokumenty\NNK\NNK\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\Documents and Settings\karkas\Dokumenty\NNK\hl.exe" = C:\Documents and Settings\karkas\Dokumenty\NNK\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\Documents and Settings\karkas\Dokumenty\Mt2\SindicateM2\metin2client.bin" = C:\Documents and Settings\karkas\Dokumenty\Mt2\SindicateM2\metin2client.bin:*:Enabled:metin2client -- File not found
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"E:\SindicateMt2\Sindicate\client.bin" = E:\SindicateMt2\Sindicate\client.bin:*:Enabled:client -- File not found

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04726714-8286-43B8-AFD6-2DF92EC49995}" = ASUS GameLiveShow
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12E11FBB-7CA6-4A86-834D-5E6390D51009}" = ASUS SmartDoctor
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{169E414A-37C7-434E-9021-27A03AE087CD}" = ASUS VideoSecurity Online
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{174D5678-D941-433C-BD23-58A5C7B0D36D}" = Jasc Animation Shop 3
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 21
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F163D34-3CC6-4E37-3FB0-80311B894FEA}" = Need for Speed Carbon
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Mazlíčci
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{53FED732-39DF-4973-85CD-854115455007}" = Sun VirtualBox
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60F53518-1D76-447F-8E2C-A696B00E18DC}" = ESET NOD32 Antivirus
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68D8533B-9EE7-46AB-B8B2-D643F888C5DF}" = ASUS GameFace Live
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 Volný čas
"{8CA199A8-574E-432F-A98F-A55741E233D1}_is1" = 3GP Player 2010
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90415EA5-3856-4402-B566-53160813421B}" = ASUS ATI Driver
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Roční období
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Šťastnou cestu
"{F343FA04-CFC0-487C-A617-A5E8CF4D7B10}" = Image Grabber II.NET
"{F370AD1F-9B68-4735-9ACD-501870D61F40}" = ASUS Utilities
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"{F5CE5428-B9ED-4A00-8EEE-7E672F381618}_is1" = 123 AVI to GIF Converter 3.2
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Noční život
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"123 AVI to GIF Converter_is1" = 123 AVI to GIF Converter 3.1
"18 Wheels of Steel: Haulin'" = 18 Wheels of Steel: Haulin'
"ABC 3GP/MP4 Converter" = ABC 3GP/MP4 Converter 3.00
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Advanced GIF Animator_is1" = Advanced GIF Animator 3.0
"Akamai" = Akamai NetSession Interface
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.9 (Unicode)
"AVI GIF Converter_is1" = AVI GIF Converter 1.08
"BSPlayer" = BSPlayer
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Cool MP4 To 3GP Converter_is1" = Cool MP4 To 3GP Converter 1.0
"Counter-Strike 1.6" = Counter-Strike 1.6
"DivX Setup.divx.com" = DivX Setup
"Euro Truck Simulator" = Euro Truck Simulator
"GamersFirst LIVE!" = GamersFirst LIVE!
"GameSpy Arcade" = GameSpy Arcade
"Hamachi" = Hamachi 1.0.3.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{04726714-8286-43B8-AFD6-2DF92EC49995}" = ASUS GameLiveShow
"InstallShield_{12E11FBB-7CA6-4A86-834D-5E6390D51009}" = ASUS SmartDoctor
"InstallShield_{169E414A-37C7-434E-9021-27A03AE087CD}" = ASUS VideoSecurity Online
"InstallShield_{68D8533B-9EE7-46AB-B8B2-D643F888C5DF}" = ASUS GameFace Live
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.7.0
"Lexmark 1200 Series" = Lexmark 1200 Series
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MotoGP2_is1" = MotoGP2
"Mozilla Firefox (3.5.16)" = Mozilla Firefox (3.5.16)
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP3 CD Converter Professional_is1" = MP3 CD Converter Professional 5.01
"Mp3 Knife_is1" = Mp3 Knife 3.2
"MSI Live Update 2" = MSI Live Update 2
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Network Play System (Patching)" = Network Play System (Patching)
"NVIDIA nForce Drivers" = NVIDIA nForce Drivers
"NVIDIAStereo" = NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers
"Obaly" = Obaly
"Ogg Converter" = Ogg Converter
"PowerISO" = PowerISO
"PROPLUS" = Microsoft Office Professional Plus 2007
"Q-Xpress Installer" = Q-Xpress Installer 1.1.9
"RadioBar" = RadioBar Toolbar
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"Softonic-Eng7 Toolbar" = Softonic-Eng7 Toolbar
"SolSuite_is1" = SolSuite 2010 v10.0
"Tunatic" = Tunatic
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"xvid" = XviD MPEG-4 Video Codec

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27. 8. 2010 16:43:46 | Computer Name = KARKAS-30E3EB18 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace winamp.exe, verze 5.5.7.2830, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28. 8. 2010 17:03:50 | Computer Name = KARKAS-30E3EB18 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace winamp.exe, verze 5.5.7.2830, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 29. 8. 2010 07:06:27 | Computer Name = KARKAS-30E3EB18 | Source = Application Error | ID = 1000
Description = Chybující aplikace hsm.exe, verze 1.0.0.1, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00010107.

Error - 29. 8. 2010 07:07:15 | Computer Name = KARKAS-30E3EB18 | Source = Application Error | ID = 1000
Description = Chybující aplikace hsm.exe, verze 1.0.0.1, chybující modul binkw32.dll,
verze 1.9.5.0, adresa chyby 0x0000835e.

Error - 29. 8. 2010 07:07:36 | Computer Name = KARKAS-30E3EB18 | Source = Application Error | ID = 1000
Description = Chybující aplikace hsm.exe, verze 1.0.0.1, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00010107.

Error - 31. 8. 2010 01:12:36 | Computer Name = KARKAS-30E3EB18 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace winamp.exe, verze 5.5.7.2830, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 1. 9. 2010 04:34:42 | Computer Name = KARKAS-30E3EB18 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace winamp.exe, verze 5.5.7.2830, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 2. 9. 2010 05:47:01 | Computer Name = KARKAS-30E3EB18 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace winamp.exe, verze 5.5.7.2830, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 2. 9. 2010 14:19:23 | Computer Name = KARKAS-30E3EB18 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace winamp.exe, verze 5.5.7.2830, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 6. 9. 2010 08:39:36 | Computer Name = KARKAS-30E3EB18 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace winamp.exe, verze 5.5.7.2830, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 18. 11. 2010 12:19:36 | Computer Name = KARKAS-30E3EB18 | Source = Service Control Manager | ID = 7000
Description = Služba ASUS Virtual Video Capture Device Driver neuspěla při spuštění
v důsledku následující chyby: %%1058

Error - 18. 11. 2010 12:38:12 | Computer Name = KARKAS-30E3EB18 | Source = Ftdisk | ID = 262189
Description = Systému se nepodařilo úspěšně načíst ovladač výpisu stavu systému.

Error - 18. 11. 2010 12:38:12 | Computer Name = KARKAS-30E3EB18 | Source = Ftdisk | ID = 262193
Description = Konfigurace stránkovacího souboru pro výpis stavu systému se nezdařila.
Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor a zda je na
něm dostatek místa pro uložení obsahu celé fyzické paměti.

Error - 18. 11. 2010 12:38:22 | Computer Name = KARKAS-30E3EB18 | Source = Service Control Manager | ID = 7000
Description = Služba ASUS Virtual Video Capture Device Driver neuspěla při spuštění
v důsledku následující chyby: %%1058

Error - 18. 11. 2010 16:06:17 | Computer Name = KARKAS-30E3EB18 | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC0000001
při zpracování souboru na svazku HarddiskVolume1. Sledování svazku bylo ukončeno.

Error - 18. 11. 2010 16:06:18 | Computer Name = KARKAS-30E3EB18 | Source = Service Control Manager | ID = 7000
Description = Služba ASUS Virtual Video Capture Device Driver neuspěla při spuštění
v důsledku následující chyby: %%1058

Error - 18. 11. 2010 17:14:25 | Computer Name = KARKAS-30E3EB18 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby SENS
s argumenty za účelem spuštění serveru: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 18. 11. 2010 17:14:25 | Computer Name = KARKAS-30E3EB18 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby SENS
s argumenty za účelem spuštění serveru: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 18. 11. 2010 17:20:23 | Computer Name = KARKAS-30E3EB18 | Source = Setup | ID = 60055
Description = Instalační program systému Windows zjistil při instalaci nezávažné
chyby. Další informace naleznete v souboru setuperr.log v adresáři systému Window

Error - 18. 11. 2010 17:22:51 | Computer Name = KARKAS-30E3EB18 | Source = Service Control Manager | ID = 7000
Description = Služba ASUS Virtual Video Capture Device Driver neuspěla při spuštění
v důsledku následující chyby: %%1058

< End of report >

#11 Příspěvek od **motji** » 19 pro 2010 22:59

Ano, oba txt vložte zde, klidně je rozdělte do více příspěvků.

Omlouvám se, ale vypadla mi část návodu. A start to je to tlačítko na panelu vlevo dole.

stáhněte MBR
http://www2.gmer.net/mbr/mbr.exe
-uložte ho na plochu

start-spustit
do okénka zkopírujte

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t

ok

vytvoří se log s názvem mbr.log, vložte ho zde

Leo151Cole · #12 Příspěvek od **Leo151Cole** » 19 pro 2010 23:00

1. časť OTL :

OTL logfile created on: 18. 11. 2010 22:43:26 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\karkas\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

1 023,00 Mb Total Physical Memory | 484,00 Mb Available Physical Memory | 47,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 40,33 Gb Free Space | 54,12% Space Free | Partition Type: NTFS
Drive E: | 38,28 Gb Total Space | 6,82 Gb Free Space | 17,83% Space Free | Partition Type: NTFS

Computer Name: KARKAS-30E3EB18 | User Name: karkas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.11.18 22:41:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\karkas\Plocha\OTL.exe
PRC - [2010.11.10 18:04:16 | 000,910,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.10.27 13:20:45 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files\ICQ7.2\ICQ.exe
PRC - [2010.10.08 07:05:38 | 002,845,552 | ---- | M] (GamersFirst) -- C:\Program Files\GamersFirst\LIVE!\Live.exe
PRC - [2010.09.30 13:54:42 | 002,937,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2010.06.02 15:58:20 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.03.05 16:32:28 | 001,135,912 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2009.11.16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.11.16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009.11.09 04:17:50 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2007.04.16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006.07.13 06:33:14 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
PRC - [2006.07.13 06:19:48 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
PRC - [2006.01.17 08:45:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\LXCZJSWX.EXE
PRC - [2006.01.17 03:26:06 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\LXCZPSWX.EXE
PRC - [2005.04.28 12:52:36 | 000,258,048 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003.05.05 19:20:22 | 000,402,432 | ---- | M] () -- C:\Program Files\MSI\Live Update 2\LMonitor.exe

========== Modules (SafeList) ==========

MOD - [2010.11.18 22:41:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\karkas\Plocha\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.11.08 09:15:09 | 003,020,888 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_aeec0f0.dll -- (Akamai)
SRV - [2010.06.02 15:58:20 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.19 14:41:40 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.11.16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.11.16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2005.04.28 12:52:36 | 000,258,048 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva347.sys -- (XDva347)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\karkas\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\appliand.sys -- (appliandMP)
DRV - [2010.04.21 12:13:22 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.12.17 14:02:34 | 000,123,280 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2009.12.17 14:02:34 | 000,110,096 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2009.12.17 14:02:34 | 000,099,152 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2009.12.17 14:02:34 | 000,041,616 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2009.11.16 09:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.11.16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.11.16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009.11.09 04:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2007.04.25 16:20:48 | 004,030,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.06.14 04:09:00 | 000,011,264 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2005.05.30 09:01:04 | 000,011,648 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2005.05.25 03:07:32 | 001,198,080 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.05.13 14:16:12 | 000,023,040 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2004.07.06 19:56:26 | 000,044,544 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Video3D.sys -- (Video3D)
DRV - [2004.06.16 14:34:00 | 000,004,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\ASUS\SmartDoctor\atidgllk.sys -- (atidgllk)
DRV - [2003.03.21 12:39:08 | 000,017,937 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Ntaccess.sys -- (WEBNTACCESS)
DRV - [2002.11.18 14:29:26 | 000,399,700 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dumant.sys -- (DumaNT)
DRV - [2001.08.17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1123561945-1177238915-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-1123561945-1177238915-725345543-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1123561945-1177238915-725345543-1004\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1123561945-1177238915-725345543-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1123561945-1177238915-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1123561945-1177238915-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "eSnips Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {DDABDBA1-2377-4A30-A027-25697B99E254}:3.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.6&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.11.18 12:38:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.18 12:37:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Italy Mozilla Firefox\components [2010.05.14 13:39:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Italy Mozilla Firefox\plugins [2010.05.14 13:39:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.02.16 19:58:32 | 000,000,000 | ---D | M]

[2010.02.17 13:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Extensions
[2010.11.18 20:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\extensions
[2010.03.04 14:46:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.19 14:11:02 | 000,000,000 | ---D | M] (Softonic-Eng7 Toolbar) -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2010.08.21 17:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.19 17:35:47 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.09.05 15:44:18 | 000,000,000 | ---D | M] (Facicons) -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\extensions\{DDABDBA1-2377-4A30-A027-25697B99E254}
[2010.02.17 13:58:27 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icq-search.xml
[2010.03.20 22:17:36 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-1.xml
[2010.11.04 13:17:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-10.xml
[2010.11.04 14:37:57 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-11.xml
[2010.11.04 15:06:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-12.xml
[2010.11.04 17:00:00 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-13.xml
[2010.11.10 18:05:37 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-14.xml
[2010.11.16 23:27:47 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-15.xml
[2010.11.18 13:41:34 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-16.xml
[2010.11.18 17:56:06 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-17.xml
[2010.04.23 17:21:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-2.xml
[2010.07.01 14:26:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-3.xml
[2010.09.09 12:00:47 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-4.xml
[2010.09.13 18:46:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-5.xml
[2010.08.21 17:03:48 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-6.xml
[2010.09.27 17:00:51 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-7.xml
[2010.11.01 21:00:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-8.xml
[2010.11.01 23:20:21 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin-9.xml
[2010.08.21 17:02:48 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin.gif
[2010.08.21 17:02:48 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin.src
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Mozilla\Firefox\Profiles\8eiphcs2.default\searchplugins\icqplugin.xml
[2010.11.18 19:50:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.12.24 19:03:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.08.21 08:18:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.09.30 13:54:42 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010.03.20 09:07:00 | 000,002,029 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\esnips.xml
[2010.09.21 13:08:35 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.21 13:08:35 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.21 13:08:35 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.21 13:08:35 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.21 13:08:35 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.11.18 22:14:42 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O2 - BHO: (no name) - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1123561945-1177238915-725345543-1004\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1123561945-1177238915-725345543-1004\..\Toolbar\WebBrowser: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 2\LMonitor.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-1123561945-1177238915-725345543-1004..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1123561945-1177238915-725345543-1004..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe (ASUSTeK Inc.)
O4 - HKU\S-1-5-21-1123561945-1177238915-725345543-1004..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKU\S-1-5-21-1123561945-1177238915-725345543-1004..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1123561945-1177238915-725345543-1004..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe (GamersFirst)
O4 - Startup: C:\Documents and Settings\Home\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\karkas\Nabídka Start\Programy\Po spuštění\hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe (LogMeIn Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-1177238915-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-1177238915-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1123561945-1177238915-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1123561945-1177238915-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\toolbarchrome {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - C:\Program Files\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\karkas\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\karkas\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.24 08:55:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.asv2 - C:\WINDOWS\System32\ASUSASV2.DLL ()
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 30 Days ==========

[2010.11.18 22:41:28 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\karkas\Plocha\OTL.exe
[2010.11.18 22:21:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010.11.18 22:18:15 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010.11.18 22:18:15 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010.11.18 22:18:14 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010.11.18 22:18:14 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010.11.18 22:18:13 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010.11.18 22:18:13 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010.11.18 22:18:11 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010.11.18 22:18:11 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010.11.18 22:18:09 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010.11.18 22:18:08 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010.11.18 22:18:08 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010.11.18 22:18:01 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010.11.18 22:18:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010.11.18 22:18:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010.11.18 22:17:58 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010.11.18 22:17:58 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010.11.18 22:17:58 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010.11.18 22:17:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010.11.18 22:17:57 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010.11.18 22:17:57 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010.11.18 22:17:56 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010.11.18 22:17:56 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010.11.18 22:17:53 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010.11.18 22:17:51 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010.11.18 22:17:50 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2010.11.18 22:17:50 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2010.11.18 22:17:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010.11.18 22:17:50 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2010.11.18 22:17:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010.11.18 22:17:49 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010.11.18 22:17:49 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2010.11.18 22:17:49 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2010.11.18 22:17:49 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2010.11.18 22:17:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2010.11.18 22:17:48 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2010.11.18 22:17:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010.11.18 22:17:48 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010.11.18 22:17:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010.11.18 22:17:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010.11.18 22:17:47 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010.11.18 22:17:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010.11.18 22:17:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010.11.18 22:17:47 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010.11.18 22:17:47 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010.11.18 22:17:47 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010.11.18 22:17:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010.11.18 22:17:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010.11.18 22:17:46 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010.11.18 22:17:46 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010.11.18 22:17:46 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010.11.18 22:17:46 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010.11.18 22:17:46 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010.11.18 22:17:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010.11.18 22:17:37 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010.11.18 22:17:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010.11.18 22:17:35 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010.11.18 22:17:35 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010.11.18 22:17:34 | 000,026,624 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010.11.18 22:17:34 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2010.11.18 22:17:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010.11.18 22:17:31 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010.11.18 22:17:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010.11.18 22:17:29 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2010.11.18 22:17:29 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010.11.18 22:17:28 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010.11.18 22:17:28 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010.11.18 22:17:25 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010.11.18 22:17:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010.11.18 22:17:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010.11.18 22:17:24 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010.11.18 22:17:24 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010.11.18 22:17:24 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010.11.18 22:17:24 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010.11.18 22:17:23 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010.11.18 22:17:22 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010.11.18 22:17:22 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010.11.18 22:17:22 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010.11.18 22:17:22 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010.11.18 22:17:17 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010.11.18 22:17:11 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010.11.18 22:17:10 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2010.11.18 22:17:03 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010.11.18 22:17:03 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010.11.18 22:16:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2010.11.18 22:16:53 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010.11.18 22:16:53 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010.11.18 22:16:52 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010.11.18 22:16:51 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2010.11.18 22:16:51 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2010.11.18 22:16:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2010.11.18 22:16:47 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010.11.18 22:16:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010.11.18 22:16:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010.11.18 22:16:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010.11.18 22:16:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010.11.18 22:16:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010.11.18 22:16:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010.11.18 22:16:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010.11.18 22:16:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010.11.18 22:16:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010.11.18 22:16:45 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010.11.18 22:16:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010.11.18 22:16:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010.11.18 22:16:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010.11.18 22:16:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010.11.18 22:16:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010.11.18 22:16:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010.11.18 22:16:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010.11.18 22:16:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010.11.18 22:16:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010.11.18 22:16:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010.11.18 22:16:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010.11.18 22:16:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010.11.18 22:16:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010.11.18 22:16:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010.11.18 22:16:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010.11.18 22:16:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010.11.18 22:16:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010.11.18 22:16:43 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010.11.18 22:16:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2010.11.18 22:16:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2010.11.18 22:16:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010.11.18 22:16:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010.11.18 22:16:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010.11.18 22:16:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010.11.18 22:16:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010.11.18 22:16:41 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010.11.18 22:16:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010.11.18 22:16:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2010.11.18 22:16:40 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2010.11.18 22:16:39 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010.11.18 22:16:38 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010.11.18 22:16:38 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010.11.18 22:16:38 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010.11.18 22:16:38 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010.11.18 22:16:38 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010.11.18 22:16:38 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010.11.18 22:16:37 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010.11.18 22:16:37 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010.11.18 22:16:37 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010.11.18 22:16:37 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010.11.18 22:16:37 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010.11.18 22:16:37 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010.11.18 22:16:36 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010.11.18 22:16:36 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010.11.18 22:16:36 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010.11.18 22:16:36 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010.11.18 22:16:36 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010.11.18 22:16:35 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010.11.18 22:16:35 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010.11.18 22:16:35 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010.11.18 22:16:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010.11.18 22:16:35 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010.11.18 22:16:31 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010.11.18 22:16:23 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010.11.18 22:16:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2010.11.18 22:16:20 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010.11.18 22:16:18 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010.11.18 22:16:18 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010.11.18 22:16:18 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2010.11.18 22:16:17 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2010.11.18 22:16:17 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2010.11.18 22:16:17 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2010.11.18 22:16:17 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2010.11.18 22:16:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010.11.18 22:16:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2010.11.18 22:16:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2010.11.18 22:16:17 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010.11.18 22:16:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2010.11.18 22:16:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2010.11.18 22:16:16 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2010.11.18 22:16:16 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2010.11.18 22:16:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2010.11.18 22:16:16 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010.11.18 22:16:16 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010.11.18 22:16:16 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010.11.18 22:16:16 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2010.11.18 22:16:16 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2010.11.18 22:16:16 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010.11.18 22:16:15 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2010.11.18 22:16:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010.11.18 22:16:14 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2010.11.18 22:16:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010.11.18 22:16:13 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2010.11.18 22:16:13 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2010.11.18 22:16:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010.11.18 22:16:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2010.11.18 22:16:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010.11.18 22:16:12 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010.11.18 22:16:12 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010.11.18 22:16:12 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010.11.18 22:16:12 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010.11.18 22:16:05 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010.11.18 22:16:03 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010.11.18 22:16:02 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010.11.18 22:16:01 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010.11.18 22:16:00 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010.11.18 22:16:00 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010.11.18 22:16:00 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010.11.18 22:16:00 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010.11.18 22:15:59 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010.11.18 22:15:59 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010.11.18 22:15:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010.11.18 22:15:58 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010.11.18 22:15:58 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010.11.18 22:15:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010.11.18 22:15:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010.11.18 22:15:57 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010.11.18 22:15:56 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010.11.18 22:15:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010.11.18 22:15:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010.11.18 22:15:39 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2010.11.18 22:15:39 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010.11.18 22:15:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010.11.18 22:15:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010.11.18 22:15:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010.11.18 22:15:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2010.11.18 22:15:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010.11.18 22:15:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2010.11.18 22:15:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010.11.18 22:15:25 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2010.11.18 22:15:25 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2010.11.18 22:15:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010.11.18 22:15:24 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2010.11.18 22:15:18 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2010.11.18 22:15:18 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010.11.18 22:15:18 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2010.11.18 22:15:18 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2010.11.18 22:15:17 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2010.11.18 22:15:17 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2010.11.18 22:15:17 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2010.11.18 22:15:17 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010.11.18 22:15:17 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2010.11.18 22:15:17 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010.11.18 22:15:16 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010.11.18 22:15:16 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2010.11.18 22:15:16 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010.11.18 22:15:16 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010.11.18 22:15:16 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2010.11.18 22:15:16 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010.11.18 22:15:15 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010.11.18 22:15:15 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2010.11.18 22:15:15 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2010.11.18 22:15:14 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2010.11.18 22:15:13 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2010.11.18 22:13:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010.11.18 21:51:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood.Tmp
[2010.11.18 21:51:35 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010.11.18 21:51:35 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010.11.18 21:51:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010.11.18 21:51:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010.11.18 21:28:52 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.11.18 21:24:01 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.11.18 21:24:01 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.11.18 21:24:01 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.11.18 21:24:01 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.11.18 21:23:56 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010.11.18 21:22:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.11.18 21:22:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.11.18 21:00:04 | 001,345,624 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\karkas\Plocha\tdsskiller.exe
[2010.11.18 20:45:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
[2010.11.18 20:28:36 | 004,502,408 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\karkas\Dokumenty\avg_free_stb_eu_2011_1170_free.exe
[2010.11.18 20:09:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\karkas\Data aplikací\TeamViewer
[2010.11.18 12:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\karkas\Plocha\metro
[2010.11.18 12:46:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVI GIF Converter
[2010.11.18 12:41:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Dokumenty\EA Games
[2010.11.16 22:42:26 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010.11.08 14:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\karkas\Dokumenty\EA Games
[2010.10.28 10:18:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\karkas\Dokumenty\lay
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

Leo151Cole · #13 Příspěvek od **Leo151Cole** » 19 pro 2010 23:00

OTL 2. časť :

========== Files - Modified Within 30 Days ==========

[2010.11.18 22:41:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\karkas\Plocha\OTL.exe
[2010.11.18 22:36:15 | 000,000,300 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010.11.18 22:26:33 | 003,124,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.11.18 22:25:55 | 000,013,680 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.11.18 22:25:07 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.11.18 22:25:07 | 000,431,654 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.11.18 22:25:07 | 000,078,716 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.11.18 22:25:07 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.11.18 22:21:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.11.18 22:21:25 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.18 22:20:23 | 000,000,609 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010.11.18 22:14:50 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010.11.18 22:14:49 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.11.18 22:14:49 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.11.18 22:14:42 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.11.18 22:14:36 | 000,004,249 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010.11.18 22:12:19 | 000,022,900 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.11.18 22:08:11 | 000,000,282 | -HS- | M] () -- C:\boot.ini
[2010.11.18 21:23:28 | 003,994,421 | R--- | M] () -- C:\Documents and Settings\karkas\Plocha\ComboFix.exe
[2010.11.18 21:00:14 | 001,345,624 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\karkas\Plocha\tdsskiller.exe
[2010.11.18 20:30:16 | 004,502,408 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\karkas\Dokumenty\avg_free_stb_eu_2011_1170_free.exe
[2010.11.18 20:07:31 | 002,195,352 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\TeamViewerQS.exe
[2010.11.18 17:44:27 | 000,053,838 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\ggg.xml
[2010.11.18 17:30:53 | 000,936,375 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2010.11.13 12:52:08 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2010.11.08 17:54:48 | 000,124,416 | ---- | M] () -- C:\Documents and Settings\karkas\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.08 01:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2010.11.07 11:21:19 | 000,013,024 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\Untitled.veg
[2010.11.07 11:20:18 | 006,661,887 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\WOWKO.wmv
[2010.11.07 11:18:24 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.07 11:13:01 | 000,002,439 | ---- | M] () -- C:\Documents and Settings\karkas\Plocha\Image Grabber II.NET.lnk
[2010.11.07 08:03:10 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.11.02 08:55:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.10.28 16:17:51 | 000,000,084 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2010.10.28 14:44:39 | 000,068,758 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\ikno.png
[2010.10.28 11:11:03 | 000,085,972 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\sitak.png
[2010.10.28 10:57:59 | 000,020,595 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\Navigaciaaa.png
[2010.10.28 10:55:03 | 000,020,037 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\teraz !.png
[2010.10.28 10:52:43 | 000,018,688 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\NAVIGATION.png
[2010.10.28 10:51:21 | 000,100,321 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\navigacia.png
[2010.10.27 07:33:49 | 000,393,570 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\christmas-gifts-1383.jpg
[2010.10.22 15:43:35 | 000,120,718 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\02.jpg
[2010.10.22 15:37:48 | 000,095,824 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\012.png
[2010.10.22 15:29:39 | 000,055,754 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\01.jpg
[2010.10.22 14:12:16 | 000,002,346 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\small.79673286.jpg
[2010.10.22 13:41:56 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Skype.lnk
[2010.10.21 16:06:27 | 000,037,200 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\35746596754059566791.png
[2010.10.21 15:49:49 | 000,004,246 | ---- | M] () -- C:\Documents and Settings\karkas\Dokumenty\menu.png
[2010.10.20 13:38:22 | 000,000,142 | ---- | M] () -- C:\Documents and Settings\karkas\default.pls
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.11.18 22:17:24 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010.11.18 22:16:47 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010.11.18 22:16:38 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010.11.18 22:16:37 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010.11.18 22:16:35 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010.11.18 22:16:27 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010.11.18 22:16:20 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010.11.18 22:16:15 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010.11.18 22:16:00 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010.11.18 21:51:22 | 000,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2010.11.18 21:51:22 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010.11.18 21:51:22 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010.11.18 21:51:22 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010.11.18 21:51:22 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010.11.18 21:51:22 | 000,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010.11.18 21:51:22 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010.11.18 21:51:21 | 001,896,102 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010.11.18 21:51:21 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010.11.18 21:51:21 | 000,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010.11.18 21:51:21 | 000,523,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010.11.18 21:51:21 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010.11.18 21:51:21 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010.11.18 21:51:21 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010.11.18 21:28:52 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010.11.18 21:24:01 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.11.18 21:24:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.11.18 21:24:01 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.11.18 21:24:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.11.18 21:24:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.11.18 21:21:05 | 003,994,421 | R--- | C] () -- C:\Documents and Settings\karkas\Plocha\ComboFix.exe
[2010.11.18 20:06:13 | 002,195,352 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\TeamViewerQS.exe
[2010.11.18 17:44:27 | 000,053,838 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\ggg.xml
[2010.11.11 17:56:59 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Skype.lnk
[2010.11.07 11:21:19 | 000,013,024 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\Untitled.veg
[2010.11.07 11:18:24 | 006,661,887 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\WOWKO.wmv
[2010.10.28 14:44:37 | 000,068,758 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\ikno.png
[2010.10.28 11:11:01 | 000,085,972 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\sitak.png
[2010.10.28 10:57:58 | 000,020,595 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\Navigaciaaa.png
[2010.10.28 10:55:02 | 000,020,037 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\teraz !.png
[2010.10.28 10:52:42 | 000,018,688 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\NAVIGATION.png
[2010.10.28 10:51:19 | 000,100,321 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\navigacia.png
[2010.10.27 07:33:48 | 000,393,570 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\christmas-gifts-1383.jpg
[2010.10.22 15:43:35 | 000,120,718 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\02.jpg
[2010.10.22 15:37:47 | 000,095,824 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\012.png
[2010.10.22 15:29:38 | 000,055,754 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\01.jpg
[2010.10.22 14:12:15 | 000,002,346 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\small.79673286.jpg
[2010.10.21 16:06:26 | 000,037,200 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\35746596754059566791.png
[2010.10.21 15:49:48 | 000,004,246 | ---- | C] () -- C:\Documents and Settings\karkas\Dokumenty\menu.png
[2010.09.29 08:13:23 | 000,058,979 | ---- | C] () -- C:\Documents and Settings\karkas\Data aplikací\ReplayMusicLog.log
[2010.08.29 11:59:44 | 000,000,151 | ---- | C] () -- C:\WINDOWS\disney.ini
[2010.08.20 21:36:28 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.07.09 08:14:24 | 000,001,449 | ---- | C] () -- C:\Documents and Settings\karkas\Local Settings\Data aplikací\RecConfig.xml
[2010.07.01 10:08:50 | 000,081,332 | ---- | C] () -- C:\WINDOWS\System32\BASS.DLL
[2010.06.06 17:58:11 | 000,000,248 | ---- | C] () -- C:\WINDOWS\RomeTW.ini
[2010.05.05 13:11:41 | 001,589,248 | ---- | C] () -- C:\WINDOWS\System32\libmysql_d.dll
[2010.02.28 08:49:51 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\sysogg.dll
[2010.02.18 13:05:00 | 000,000,084 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2010.02.18 13:04:58 | 000,000,300 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2010.02.17 14:14:04 | 000,124,416 | ---- | C] () -- C:\Documents and Settings\karkas\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.17 13:34:07 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.16 19:52:43 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.02.16 19:45:49 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.02.16 19:40:39 | 000,007,980 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys
[2010.02.16 19:35:01 | 000,005,048 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\mtbjfghn.xbe
[2010.02.16 19:25:35 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.02.16 19:25:35 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.02.16 19:25:33 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.02.16 19:25:30 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.02.16 19:20:05 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2010.02.16 19:20:05 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2009.12.24 12:06:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2009.12.24 12:06:02 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2005.04.04 13:52:42 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2005.04.04 13:35:24 | 000,745,472 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004.10.11 12:19:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL
[2004.08.18 13:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004.08.18 13:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004.08.17 16:49:16 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2002.11.18 14:29:28 | 000,368,640 | ---- | C] () -- C:\WINDOWS\System32\nvimage.dll
[2002.11.18 14:29:28 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\stereoi.dll

========== LOP Check ==========

[2009.12.24 16:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.12.24 10:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.01.02 19:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Grey Alien Games
[2009.12.24 19:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.12.29 18:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MumboJumbo
[2010.02.18 13:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\BVRP Software
[2010.03.02 18:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Electronic Arts
[2010.02.16 19:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ESET
[2010.08.21 17:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ
[2010.11.18 20:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
[2010.11.16 11:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PMB Files
[2010.07.09 13:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sony
[2010.03.10 11:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TreeCardGames
[2010.05.12 17:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.12.28 18:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Data aplikací\123 Free Solitaire
[2009.12.24 16:16:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Data aplikací\DAEMON Tools Lite
[2009.12.28 16:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Data aplikací\gtk-2.0
[2009.12.24 23:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Data aplikací\ICQ
[2009.12.24 18:25:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home\Data aplikací\Opera
[2010.02.18 12:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\123 Free Solitaire
[2010.07.05 12:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Audacity
[2010.03.27 09:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Bitsoft
[2010.03.24 12:54:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\gtk-2.0
[2010.11.16 11:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\ICQ
[2010.08.17 14:34:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Jasc
[2010.03.20 09:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Logia
[2010.02.16 20:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Opera
[2010.07.24 09:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Publish Providers
[2010.02.23 17:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\RadioBar
[2010.11.18 15:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\SolSuite
[2010.09.11 07:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Sony
[2010.09.12 15:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Synthesia
[2010.11.18 20:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\TeamViewer
[2010.08.10 16:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Xilisoft

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ASUS SmartDoctor" = C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start -- [2005.06.16 19:08:52 | 001,015,808 | ---- | M] (ASUSTeK Inc.)
"EA Core" = "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent -- File not found
"AdobeBridge" =
"Pando Media Booster" = C:\Program Files\Pando Networks\Media Booster\PMB.exe -- [2010.09.30 13:54:42 | 002,937,528 | ---- | M] ()
"ICQ" = "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4 -- [2010.10.27 13:20:45 | 000,133,432 | ---- | M] (ICQ, LLC.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >
[10 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.02.18 12:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\123 Free Solitaire
[2010.09.27 20:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Adobe
[2010.03.11 07:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\AdobeUM
[2010.02.17 13:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Ahead
[2010.05.13 15:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Apple Computer
[2010.07.05 12:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Audacity
[2010.03.27 09:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Bitsoft
[2010.03.21 08:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\DivX
[2010.03.24 12:54:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\gtk-2.0
[2010.11.18 22:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Hamachi
[2010.04.01 20:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Help
[2010.11.16 11:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\ICQ
[2010.02.16 19:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Identities
[2010.08.17 14:34:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Jasc
[2010.03.20 09:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Logia
[2010.03.06 10:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Macromedia
[2010.02.16 19:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Media Player Classic
[2010.10.15 18:46:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\karkas\Data aplikací\Microsoft
[2010.02.17 13:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Mozilla
[2010.02.16 20:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Opera
[2010.07.24 09:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Publish Providers
[2010.02.23 17:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\RadioBar
[2010.02.23 17:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Real
[2010.11.18 21:12:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Skype
[2010.11.18 19:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\skypePM
[2010.11.18 15:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\SolSuite
[2010.09.11 07:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Sony
[2010.03.01 18:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Sun
[2010.09.12 15:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Synthesia
[2010.11.18 20:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\TeamViewer
[2010.06.10 18:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\U3
[2010.09.08 16:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Winamp
[2010.02.17 13:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\WinRAR
[2010.08.10 16:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\karkas\Data aplikací\Xilisoft

< %APPDATA%\*.exe /s >
[2008.05.29 00:03:08 | 000,037,176 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.03.02 15:21:24 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2010.06.24 14:41:00 | 000,017,542 | R--- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Microsoft\Installer\{F343FA04-CFC0-487C-A617-A5E8CF4D7B10}\_640ECEF665E5906E76DC9D.exe
[2010.06.24 14:41:00 | 000,017,542 | R--- | M] () -- C:\Documents and Settings\karkas\Data aplikací\Microsoft\Installer\{F343FA04-CFC0-487C-A617-A5E8CF4D7B10}\_96E62DE38A7F692104A23B.exe
[2007.10.23 08:27:20 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\karkas\Data aplikací\U3\temp\cleanup.exe
[2008.02.25 12:47:34 | 003,489,792 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\karkas\Data aplikací\U3\temp\Launchpad Removal.exe

< MD5 for: AGP440.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.18 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.18 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.18 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.18 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2009.12.19 23:00:00 | 000,037,520 | ---- | M] (perl.org) MD5=2852D57385C4709EAAE2F9DB01AD3672 -- C:\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll
[2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.18 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2004.08.18 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.18 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.18 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.18 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.18 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.18 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.18 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.18 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.18 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2004.08.04 00:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2004.08.18 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.18 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004.08.18 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.18 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.18 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.18 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.18 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.18 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.18 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.18 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2004.08.18 13:00:00 | 001,251,840 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010.11.18 22:48:58 | 000,258,048 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.11.18 21:35:27 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2010.11.18 22:48:58 | 031,977,472 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.11.18 22:48:58 | 005,894,144 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2004.08.18 13:00:00 | 001,251,840 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.11.18 22:20:23 | 000,000,609 | ---- | M] () -- C:\WINDOWS\system32\$winnt$.inf
[2010.11.18 22:14:49 | 000,016,832 | ---- | M] () -- C:\WINDOWS\system32\amcompat.tlb
[2010.11.18 22:13:37 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\system32\cdplayer.exe.manifest
[2010.11.18 22:12:19 | 000,022,900 | ---- | M] () -- C:\WINDOWS\system32\emptyregdb.dat
[2010.11.18 22:26:33 | 003,124,392 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2010.11.18 22:13:43 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\system32\logonui.exe.manifest
[2010.11.18 22:13:37 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\system32\ncpa.cpl.manifest
[2010.11.18 22:14:49 | 000,023,392 | ---- | M] () -- C:\WINDOWS\system32\nscompat.tlb
[2010.11.18 22:13:37 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\system32\nwc.cpl.manifest
[2010.11.18 22:25:07 | 000,078,716 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2010.11.18 22:25:07 | 000,068,156 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.11.18 22:25:07 | 000,431,654 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2010.11.18 22:25:07 | 000,435,260 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.11.18 22:25:07 | 001,028,152 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.11.18 22:13:37 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\system32\sapi.cpl.manifest
[2010.11.18 22:13:43 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\system32\WindowsLogon.manifest
[2010.11.18 22:25:55 | 000,013,680 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2010.11.18 22:13:37 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\system32\wuaucpl.cpl.manifest
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >

Leo151Cole · #14 Příspěvek od **Leo151Cole** » 19 pro 2010 23:03

No mne ten MBR log sa urobil skor nez som to tam napisal mne sa tam nic take neukazalo len toto :

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD800BB-00JHC0 rev.05.01C05 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

#15 Příspěvek od **motji** » 19 pro 2010 23:10

Musíte dát start - spustit - a pak do toho řádku napsat ten příkaz.

Ted se počítač chová jak? Já projdu ty logy

VIRY.CZ

Vírus v Operačnej pamäti !

Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !

Re: Vírus v Operačnej pamäti !