Request to check the log of another PC belonging to relatives

s.rozbuch
Visitor
Posts: 66
Registered: 13 Feb 2011 17:01

#1 Post by s.rozbuch »

Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2011-03-12 16:41:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 30 GB (41%) free of 74 GB
Total RAM: 767 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:41:32, on 12.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\user.RUBICKY\Plocha\RSIT.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://search.centrum.cz/index.php?tool ... trum-1.0.0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.centrum.cz/index.php?tool ... trum-1.0.0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_SA57.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [VycistitPocitac] "C:\Program Files\Vyčistit Počítač\VycistitPocitac.exe" /SCHEDULED
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; FunWebProducts; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.geewa.com/games/gameShockwav ... ackpot.dcr"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... 2010060315
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 1525927578
O17 - HKLM\System\CCS\Services\Tcpip\..\{D70BE32C-D223-4FFF-881B-F2B295C65638}: NameServer = 194.228.41.113
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate1c9ce1d9d665e78) (gupdate1c9ce1d9d665e78) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

--
End of file - 10852 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\SLOW-PCfighter-user-Startup.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{2410AFFB-FC6E-48DF-BB48-8AEC69C9944E}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL [2010-12-04 54704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL [2010-12-04 775696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-11-25 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-05 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-05 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2010-03-24 1164568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{D5D47440-0750-463D-BAEF-A47D02414806}
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL [2010-12-04 775696]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus DX4000 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-02-21 131072]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-11-25 2069344]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe [2010-12-04 32849]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe [2010-12-04 28783]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-01-11 1230704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2010-03-24 462104]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe [2010-12-04 32849]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"VycistitPocitac"=C:\Program Files\Vyčistit Počítač\VycistitPocitac.exe /SCHEDULED []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150596.exe [2009-04-29 468408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-06-14 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-18 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Cross Racing Championship\crc.exe"="C:\Program Files\Cross Racing Championship\crc.exe:*:Disabled:Cross Racing Championship 2005"
"C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2011-03-12 16:41:19 ----D---- C:\Program Files\trend micro
2011-03-12 16:41:18 ----DC---- C:\rsit
2011-03-09 17:06:22 ----D---- C:\Program Files\Ledové Drahokamy
2011-03-09 09:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-03-09 09:30:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-03-09 08:16:59 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Fighters
2011-02-19 10:16:15 ----D---- C:\Program Files\NortonInstaller
2011-02-19 00:03:02 ----D---- C:\Documents and Settings\user.RUBICKY\Data aplikací\DDMSettings

======List of files/folders modified in the last 1 months======

2011-03-12 16:41:26 ----D---- C:\WINDOWS\Prefetch
2011-03-12 16:41:19 ----RD---- C:\Program Files
2011-03-12 16:35:33 ----D---- C:\Documents and Settings\user.RUBICKY\Data aplikací\Skype
2011-03-12 16:34:57 ----D---- C:\Program Files\Mozilla Firefox
2011-03-12 16:34:27 ----D---- C:\Program Files\Norton Security Scan
2011-03-12 16:34:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Norton
2011-03-12 16:34:25 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-03-12 16:34:24 ----SD---- C:\WINDOWS\Tasks
2011-03-12 15:26:58 ----D---- C:\Documents and Settings\user.RUBICKY\Data aplikací\skypePM
2011-03-12 13:25:33 ----D---- C:\WINDOWS\Temp
2011-03-12 12:15:37 ----D---- C:\WINDOWS\system32\drivers\Avg
2011-03-12 12:12:26 ----SHD---- C:\WINDOWS\Installer
2011-03-12 08:38:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-11 12:59:12 ----D---- C:\Program Files\BigPatience
2011-03-10 16:56:52 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-09 17:06:37 ----AC---- C:\moduleName.txt
2011-03-09 09:34:30 ----D---- C:\WINDOWS
2011-03-09 09:32:53 ----HD---- C:\WINDOWS\inf
2011-03-09 09:32:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-09 09:32:52 ----D---- C:\WINDOWS\system32
2011-03-09 09:31:04 ----A---- C:\WINDOWS\system32\MRT.exe
2011-03-09 09:30:58 ----A---- C:\WINDOWS\imsins.BAK
2011-03-09 09:24:18 ----D---- C:\Program Files\Internet Explorer
2011-03-09 09:07:18 ----A---- C:\WINDOWS\NeroDigital.ini
2011-03-09 07:18:03 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-19 10:16:17 ----D---- C:\WINDOWS\system32\drivers
2011-02-19 00:02:11 ----D---- C:\Program Files\DivX
2011-02-19 00:02:11 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DivX
2011-02-16 07:29:51 ----D---- C:\WINDOWS\Network Diagnostic

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-31 44944]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-18 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-07-18 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-18 243024]
R2 SVKP;SVKP; \??\C:\WINDOWS\system32\SVKP.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-06-14 2301440]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-06-22 4432384]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-12-25 47360]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-09-20 265856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-06-14 479232]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-18 308136]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-05 152984]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S2 gupdate1c9ce1d9d665e78;Služba Google Update (gupdate1c9ce1d9d665e78); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-06 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-11-26 1375992]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-19 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

1danab
Novice
Posts: 1412
Registered: 21 Oct 2007 13:04
Location: České Budějovice

#2 Post by 1danab »

Hello :)

Download ComboFix and save it, ideally to the desktop.

Run the application under an account with administrator privileges.
After it starts, a screen with the licence terms appears; click the Yes button.

You may see a warning about your antivirus's resident shield and a notice that the Recovery Console is not installed; do not install it for now.

The scan takes about 10 minutes (it may take longer, depending on the number of files and the speed of the PC); do not run any applications during the scan.

Your PC may be restarted during the scan, so do not panic.

Note: if you use an antispyware program with a resident shield, deactivate that shield, because during the scan and the removal of any malware it causes unwanted conflicts between ComboFix and the resident antispyware component.

After the restart the application creates a log, saved at C:/Combofix.txt; paste its contents here :)
RSIT CureIt CCleaner CleanUp DDS GMER OTL
IF YOU ARE HAPPY WITH OUR FORUM, YOU CAN SUPPORT IT HERE

Always keep all your important data backed up!

#3 Post by s.rozbuch »

Hello. I'm back again at my relatives' PC, which I would like to disinfect and secure for them. But I'm worried that after using ComboFix something of theirs might get deleted or blocked. My aunt uses it mainly for games, but my uncle has his business on it: accounts, work, VAT, etc. What I have in mind is the opening notice "Waiver of the right to software functionality." What does it mean? Couldn't it somehow endanger the functioning of the PC?

Thank you.

#4 Post by 1danab »

No need to worry :) If it deleted uninfected files, they can be restored :)

#5 Post by s.rozbuch »

I ran ComboFix and it advises me to uninstall AVG antivirus. Is that all right? Is there another way to get around it and keep the antivirus?

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

#6 Post by motji »

Good afternoon, standing in for my colleague :)
You will have to uninstall AVG; it and ComboFix don't get along :D
Do not use COMBOFIX without an advisor's recommendation; the system may be damaged!
Always back up important data before disinfecting a computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

#7 Post by s.rozbuch »

Should this list: RSIT - - CCLEANER - - SAS - - MBAM - - USB FIX - - GMER - - RootRepeal - - DrWeb CureIt - - AVPTool be installed on every PC and used regularly?

#8 Post by motji »

No, what I have in my signature are just links to guides for programs that I occasionally recommend to someone.
You're quite afraid of ComboFix, aren't you? :D Don't worry; if it happened to delete something you need, it can always be restored.

#9 Post by s.rozbuch »

:D Yes, I'm very confused by ComboFix's message "Waiver of the right to software functionality." and having to confirm it. Because it isn't my PC that I've had checked. And the acquaintances whose PC it is only know how to play games on it, and their business and invoices are stored there. An example: I cleaned up their PC and as a result the browser's home page disappeared, and since I'm only ever at their place for a few hours once in a while, they immediately phoned me asking what I had done to them this time, that seznam.cz wasn't there and that they would :) "kill" me :) Hence the worry; I have never used ComboFix before, so I don't know how to use it, how to work with it, or how to restore, say, deleted files.

1danab
Newbie
Posts: 1412
Registered: 21 Oct 2007 13:04
Location: České Budějovice

Re: Please check the log of another PC belonging to relatives

#10 Post by 1danab »

As my colleague already wrote, you have nothing to be afraid of, and if anything needed to be restored, we will advise you how :)
RSIT CureIt CCleaner CleanUp DDS GMER OTL
Always keep all your important data backed up!

s.rozbuch
Visitor
Posts: 66
Registered: 13 Feb 2011 17:01

Re: Please check the log of another PC belonging to relatives

#11 Post by s.rozbuch »

OK. In "Add or Remove Programs" I uninstalled the AVG antivirus and various other backups and the components associated with the antivirus, and I also did it with the program Total Uninstall. And yet it still tells me that it is still active and is blocking it. I even restarted the PC and it keeps saying that the antivirus is blocking ComboFix. What should I do about it??? The warning says: "ComboFix has detected that the following programs have resident shields enabled: antivirus: AVG Anti-Virus Free
Antivirus and other protection programs often interfere with ComboFix's operation. This can lead to unpredictable results and possible damage to the computer.
Please close these programs before clicking "OK"." And I am not at all aware that anything like that could still be there. What should I do about it??? Thank you

s.rozbuch
Visitor
Posts: 66
Registered: 13 Feb 2011 17:01

Re: Please check the log of another PC belonging to relatives

#12 Post by s.rozbuch »

Can't this be bypassed and the PC checked without ComboFix? I will be leaving my acquaintances' place in a moment, so not again until next week, or at the weekend!!!

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check the log of another PC belonging to relatives

#13 Post by motji »

We can do it another way too :) .

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- tick the Scan All Users box.
- tick the LOP Check and Purity Check boxes
- click the Run Scan button
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; post them here :)

s.rozbuch
Visitor
Posts: 66
Registered: 13 Feb 2011 17:01

Re: Please check the log of another PC belonging to relatives

#14 Post by s.rozbuch »

Thank you, here is the text:

OTL logfile created on: 29.3.2011 18:53:49 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\user.RUBICKY\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

767,00 Mb Total Physical Memory | 239,00 Mb Available Physical Memory | 31,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71,95 Gb Total Space | 33,18 Gb Free Space | 46,11% Space Free | Partition Type: NTFS
Drive H: | 71,68 Gb Total Space | 50,25 Gb Free Space | 70,11% Space Free | Partition Type: NTFS

Computer Name: RUBICKY | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.03.29 18:48:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user.RUBICKY\Plocha\OTL.exe
PRC - [2011.03.29 18:13:22 | 000,450,560 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32.exe
PRC - [2011.03.29 18:13:20 | 000,921,600 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2011.03.29 18:13:20 | 000,507,904 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2011.03.26 19:26:04 | 002,423,752 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011.02.22 19:16:39 | 007,678,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.03.24 15:40:36 | 000,462,104 | ---- | M] () -- C:\Program Files\Seznam.cz\postak.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011.03.29 18:48:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user.RUBICKY\Plocha\OTL.exe
MOD - [2010.08.23 18:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.03.29 18:13:20 | 000,507,904 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)


========== Driver Services (SafeList) ==========

DRV - [2011.03.29 18:13:22 | 000,502,368 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2010.12.21 13:18:17 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\SVKP.sys -- (SVKP)
DRV - [2010.07.18 15:23:26 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.07.18 15:23:25 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.07.18 15:22:48 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.05.10 20:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.17 20:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2007.09.20 10:22:00 | 000,265,856 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007.06.22 18:14:40 | 004,432,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.06.14 21:58:56 | 002,301,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.centrum.cz/index.php?tool ... trum-1.0.0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Assistant = http://search.centrum.cz/index.php?tool ... trum-1.0.0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.centrum.cz/index.php?tool ... trum-1.0.0
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Search,Search Assistant = http://search.centrum.cz/index.php?tool ... trum-1.0.0
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.centrum.cz/index.php?tool ... trum-1.0.0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Search,Search Assistant = http://search.centrum.cz/index.php?tool ... trum-1.0.0
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-117609710-2139871995-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKU\S-1-5-21-117609710-2139871995-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-117609710-2139871995-725345543-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-117609710-2139871995-725345543-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-117609710-2139871995-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsear ... searchfor="

FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\2.bin
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.02.19 01:02:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.02.19 01:02:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.02.22 19:16:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.02.22 19:16:43 | 000,000,000 | ---D | M]

[2009.05.05 12:47:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Mozilla\Extensions
[2011.03.29 16:08:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Mozilla\Firefox\Profiles\hncqpdke.default\extensions
[2009.09.07 10:50:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Mozilla\Firefox\Profiles\hncqpdke.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.26 18:57:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Mozilla\Firefox\Profiles\hncqpdke.default\searchplugins\icqplugin-1.xml
[2009.08.03 16:10:59 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Mozilla\Firefox\Profiles\hncqpdke.default\searchplugins\icqplugin-2.xml
[2009.08.15 14:44:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Mozilla\Firefox\Profiles\hncqpdke.default\searchplugins\icqplugin-3.xml
[2009.09.14 13:57:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Mozilla\Firefox\Profiles\hncqpdke.default\searchplugins\icqplugin-4.xml
[2011.02.22 19:17:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Mozilla\Firefox\Profiles\hncqpdke.default\searchplugins\icqplugin-5.xml
[2009.06.09 12:38:24 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Mozilla\Firefox\Profiles\hncqpdke.default\searchplugins\icqplugin.xml
[2010.12.04 18:00:23 | 000,010,017 | ---- | M] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Mozilla\Firefox\Profiles\hncqpdke.default\searchplugins\mywebsearch.xml
[2011.03.29 16:08:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.05.06 08:46:53 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.02.22 19:16:35 | 000,000,000 | ---D | M] (Talkback) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\USER.RUBICKY\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\HNCQPDKE.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2009.05.06 08:46:53 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\PROGRA~1\MOZILL~1\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2009.05.05 22:32:21 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRA~1\MOZILL~1\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2011.02.19 01:02:05 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2009.05.05 22:32:03 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.02.22 19:16:32 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2011.02.22 19:16:32 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2011.02.22 19:16:32 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2011.02.22 19:16:34 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2011.02.22 19:16:34 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2011.02.22 19:16:42 | 000,001,118 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\centrum-cz.xml
[2011.02.22 19:16:42 | 000,000,661 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2011.02.22 19:16:42 | 000,001,674 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2011.02.22 19:16:42 | 000,001,302 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2011.02.22 19:16:42 | 000,000,765 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml

O1 HOSTS File: ([2001.10.25 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKU\S-1-5-21-117609710-2139871995-725345543-1004\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-117609710-2139871995-725345543-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKU\S-1-5-21-117609710-2139871995-725345543-1004..\Run: [Seznam Postak] C:\Program Files\Seznam.cz\postak.exe ()
O4 - HKU\S-1-5-21-117609710-2139871995-725345543-1004..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-117609710-2139871995-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-117609710-2139871995-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\System32\imon.dll (Eset )
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 1525927578 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user.RUBICKY\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user.RUBICKY\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0c32b65a-6e26-11de-a97b-004f4e62ba8e}\Shell\AutoRun\command - "" = I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
O33 - MountPoints2\{0c32b65a-6e26-11de-a97b-004f4e62ba8e}\Shell\open\command - "" = I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
O33 - MountPoints2\{f1d967f7-6d90-11de-a97a-004f4e62ba8e}\Shell\AutoRun\command - "" = I:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.a3d - C:\WINDOWS\System32\a3d.dll (Aureal Semiconductor)
Drivers32: msacm.divxa - C:\WINDOWS\System32\divxa32.acm (build Pinky.cz)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3radius - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ogg - C:\WINDOWS\System32\ogg.dll ()
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: msacm.vorbisenc - C:\WINDOWS\System32\vorbisenc.dll ()
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.div3 - C:\WINDOWS\System32\divxc32.dll (build Pinky.cz)
Drivers32: vidc.div4 - C:\WINDOWS\System32\divxc32f.dll (Pinky.cz)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvid.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54619756233228288)

========== Files/Folders - Created Within 30 Days ==========

[2011.03.29 18:49:19 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user.RUBICKY\Plocha\OTL.exe
[2011.03.29 18:17:10 | 000,502,368 | ---- | C] (Eset ) -- C:\WINDOWS\System32\drivers\amon.sys
[2011.03.29 18:17:10 | 000,274,432 | ---- | C] (Eset ) -- C:\WINDOWS\System32\imon.dll
[2011.03.29 18:17:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Eset
[2011.03.29 17:01:24 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.03.29 16:50:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user.RUBICKY\Recent
[2011.03.29 16:39:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.03.29 16:39:18 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.03.29 16:39:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.03.29 16:39:18 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.03.26 19:23:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.03.26 19:07:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Martau
[2011.03.26 19:07:11 | 000,000,000 | ---D | C] -- C:\Program Files\Total Uninstall 5
[2011.03.21 00:27:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Alawar Stargaze
[2011.03.15 19:37:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user.RUBICKY\Plocha\video
[2011.03.15 18:48:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user.RUBICKY\Plocha\fotky
[2011.03.15 18:47:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user.RUBICKY\Plocha\HRY
[2011.03.15 17:47:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\CCleaner
[2011.03.15 17:39:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\SUPERAntiSpyware.com
[2011.03.15 17:39:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\SUPERAntiSpyware.com
[2011.03.15 17:39:32 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011.03.15 17:08:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.03.15 14:49:41 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Common Files
[2011.03.12 17:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.03.09 18:06:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user.RUBICKY\Nabídka Start\Programy\Ledové Drahokamy
[2011.03.09 18:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\Ledové Drahokamy
[2011.03.09 09:16:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Fighters
[2009.12.25 18:59:32 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\user.RUBICKY\Data aplikací\pcouffin.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.03.29 18:48:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user.RUBICKY\Plocha\OTL.exe
[2011.03.29 18:18:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.03.29 18:18:27 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.29 18:18:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.03.29 18:13:23 | 000,274,432 | ---- | M] (Eset ) -- C:\WINDOWS\System32\imon.dll
[2011.03.29 18:13:22 | 000,502,368 | ---- | M] (Eset ) -- C:\WINDOWS\System32\drivers\amon.sys
[2011.03.29 18:09:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.29 16:47:36 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\CCleaner.lnk
[2011.03.28 21:53:45 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2410AFFB-FC6E-48DF-BB48-8AEC69C9944E}.job
[2011.03.27 10:31:55 | 000,442,984 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.03.27 10:31:55 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.03.27 10:31:55 | 000,085,312 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.03.27 10:31:55 | 000,073,260 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.03.26 22:10:19 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Google Chrome.lnk
[2011.03.26 19:49:44 | 000,001,162 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2011.03.26 19:25:47 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Skype.lnk
[2011.03.26 18:59:05 | 073,282,271 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011.03.21 18:09:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011.03.19 14:08:19 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011.03.18 10:34:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.03.15 17:39:35 | 000,001,684 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\SUPERAntiSpyware Free Edition.lnk
[2011.03.09 09:32:58 | 000,000,116 | ---- | M] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\default.pls
[2011.03.09 08:53:12 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\user.RUBICKY\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.03.29 16:39:18 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.03.29 16:39:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.03.29 16:39:18 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.03.29 16:39:18 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.03.29 16:39:18 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.03.26 19:07:14 | 000,000,721 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Total Uninstall 5.lnk
[2011.03.15 18:47:43 | 000,000,639 | ---- | C] () -- C:\Documents and Settings\user.RUBICKY\Plocha\BigPatience.lnk
[2011.03.15 17:47:38 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\CCleaner.lnk
[2011.03.15 17:39:35 | 000,001,684 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\SUPERAntiSpyware Free Edition.lnk
[2011.03.15 17:05:19 | 000,001,162 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010.09.26 13:29:10 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.15 14:16:05 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2009.12.25 18:59:32 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\ezpinst.exe
[2009.12.25 18:59:32 | 000,007,176 | ---- | C] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\pcouffin.cat
[2009.12.25 18:59:32 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\pcouffin.inf
[2009.07.10 22:54:13 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\user.RUBICKY\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009.06.13 22:46:01 | 000,000,116 | ---- | C] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\default.pls
[2009.06.13 22:44:27 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.05.13 21:18:36 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDE DX4000.ini
[2009.05.06 09:13:02 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2009.05.06 09:13:02 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2009.05.06 09:13:02 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2009.05.06 09:13:02 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2009.05.06 09:13:02 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2009.05.06 09:13:02 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2009.05.06 09:13:02 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2009.05.06 09:13:02 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2009.05.06 09:13:02 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2009.05.06 09:13:02 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2009.05.06 09:13:02 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2009.05.06 09:13:02 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2009.05.06 09:13:02 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2009.05.06 09:13:02 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2009.05.06 09:13:02 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2009.05.06 09:13:02 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2009.05.06 09:13:02 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2009.05.06 09:13:02 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2009.05.06 09:13:02 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009.05.05 13:32:43 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.05.05 12:33:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.05.05 11:32:05 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009.05.05 11:16:57 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009.05.05 11:16:57 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009.05.05 11:16:57 | 000,972,072 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009.05.05 11:16:56 | 000,149,278 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009.05.05 10:41:59 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.05.05 10:40:31 | 000,215,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.05.05 09:00:04 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.05.05 08:52:29 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.10.12 15:34:50 | 000,071,096 | ---- | C] () -- C:\WINDOWS\System32\NMSAccess.exe
[2005.11.17 19:57:30 | 000,258,560 | ---- | C] () -- C:\WINDOWS\System32\MusicTagsAX.dll
[2005.11.06 01:34:50 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\Lame.exe
[2004.08.17 16:58:58 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003.07.16 14:09:32 | 000,202,752 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.10.06 21:42:58 | 000,105,472 | ---- | C] () -- C:\WINDOWS\System32\oggds.dll
[2002.10.05 02:04:26 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 02:04:26 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 02:04:18 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002.07.19 18:48:22 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\OggEnc.exe
[2002.05.17 23:18:30 | 000,039,936 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2001.10.25 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 14:00:00 | 000,442,984 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 14:00:00 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 14:00:00 | 000,085,312 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 14:00:00 | 000,073,260 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011.03.21 00:27:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Alawar Stargaze
[2011.03.21 00:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AlawarWrapper
[2011.03.15 14:49:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Common Files
[2009.05.13 21:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\EPSON
[2011.03.09 09:16:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Fighters
[2010.11.12 22:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ
[2011.03.26 19:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Martau
[2010.01.11 00:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Oberon Media
[2010.12.21 13:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
[2009.10.31 15:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TuneUp Software
[2009.05.13 21:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\UDL
[2009.09.10 12:26:18 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2009.10.31 15:51:43 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009.05.29 12:27:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{EEC20228-ECAF-4B82-B511-82D50253CF58}
[2009.10.31 19:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.NT AUTHORITY\Data aplikací\TuneUp Software
[2010.08.12 18:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\AnvSoft
[2009.12.12 14:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.02.19 01:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\DDMSettings
[2010.01.21 22:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\EleFun Games
[2010.06.27 14:42:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\EPSON
[2011.01.23 18:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\ICQ
[2010.01.11 01:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\ICQ Toolbar
[2011.02.12 22:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Shape games
[2009.05.05 13:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Thinstall
[2009.05.05 21:26:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\TuneUp Software
[2009.12.25 18:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Vso
[2011.03.21 18:09:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.03.28 21:53:45 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{2410AFFB-FC6E-48DF-BB48-8AEC69C9944E}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Seznam Postak" = "C:\Program Files\Seznam.cz\postak.exe" -s -- [2010.03.24 15:40:36 | 000,462,104 | ---- | M] ()
"SUPERAntiSpyware" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe -- [2011.03.26 19:26:04 | 002,423,752 | ---- | M] (SUPERAntiSpyware.com)

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.05.05 21:38:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Adobe
[2010.08.21 20:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Ahead
[2010.08.12 18:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\AnvSoft
[2009.05.05 12:45:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\ATI
[2009.12.12 14:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.02.19 01:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\DDMSettings
[2010.03.20 22:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\DivX
[2010.01.21 22:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\EleFun Games
[2010.06.27 14:42:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\EPSON
[2009.05.06 09:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Google
[2010.10.08 08:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Help
[2011.01.23 18:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\ICQ
[2010.01.11 01:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\ICQ Toolbar
[2009.05.05 12:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Identities
[2009.05.05 21:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Macromedia
[2011.03.26 19:49:17 | 000,000,000 | --SD | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Microsoft
[2009.05.05 12:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Mozilla
[2009.06.13 22:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Nero
[2009.11.28 18:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\NeroDigital™
[2011.02.12 22:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Shape games
[2011.03.29 16:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Skype
[2011.03.23 12:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\skypePM
[2009.05.05 22:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Sun
[2011.03.15 17:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\SUPERAntiSpyware.com
[2009.05.05 13:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Thinstall
[2009.05.05 21:26:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\TuneUp Software
[2009.12.25 18:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Vso
[2009.08.22 19:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user.RUBICKY\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2009.12.25 18:59:33 | 000,081,920 | ---- | M] () -- C:\Documents and Settings\user.RUBICKY\Data aplikací\ezpinst.exe
[2011.03.22 01:18:46 | 002,872,992 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2008.04.14 08:52:44 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\user.RUBICKY\Data aplikací\Thinstall\PowerISO v3.7 Final\%SystemSystem%\regsvr32.exe


< MD5 for: AGP440.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 23:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.05.05 10:39:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.05.05 10:39:47 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.05.05 10:39:47 | 000,499,712 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2011.03.29 18:13:22 | 000,502,368 | ---- | M] (Eset ) -- C:\WINDOWS\system32\drivers\amon.sys

< %systemroot%\system32\*.* /3 >
[2011.03.29 18:13:23 | 000,274,432 | ---- | M] (Eset ) -- C:\WINDOWS\system32\imon.dll
[2011.03.27 10:31:55 | 000,085,312 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2011.03.27 10:31:55 | 000,073,260 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.03.27 10:31:55 | 000,442,984 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2011.03.27 10:31:55 | 000,432,356 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.03.27 10:31:55 | 001,048,628 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2011.03.29 18:18:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:9F683177
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:0D15C2D7
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:DFC5A2B2

< End of report >

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Request for a log check of my relatives' other PC

#15 Post by motji »

:arrow: Run OTL
- Copy this script into the white box at the bottom:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:9F683177
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:0D15C2D7
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:DFC5A2B2
O33 - MountPoints2\{0c32b65a-6e26-11de-a97b-004f4e62ba8e}\Shell\AutoRun\command - "" = I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
O33 - MountPoints2\{0c32b65a-6e26-11de-a97b-004f4e62ba8e}\Shell\open\command - "" = I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found

:files
C:\WINDOWS\System32\ezsidmv.dat
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[emptytemp]
[EMPTYFLASH]
[clearallrestorepoints]
[Reboot]

- Click the Fix button.
- The PC will then restart.



:arrow: Plug all the USB sticks and flash drives you use into the PC

Use UsbFix
http://www.viry.cz/forum/viewtopic.php?f=24&t=102308


:!: Before downloading, turn off your antivirus's resident shield; it has a false-positive detection on UsbFix
- Run it
- Choose the Research option and confirm with Enter
- After the scan, paste the log here; if it does not pop up, you will find it at C:\UsbFix.txt

- Paste the log here :)
Do not use COMBOFIX unless an adviser recommends it; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
