Extrémně zpomalený notebook

[nicky.2000]

Dnes už tu asi nejsi. Tak snad se nám to zítra podaří dokončit. Musím říct, že počítač je v tuto chvíli asi tak 10x rychlejší než na počátku celého procesu. Akorát tam teď asi teda není žádný antivirák.

[stell]

Antivirak nainstalujeme, az ked pc bude ok
Pri tejto akcii je nutné mať ComboFix na ploche.

Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex:

Kód: Vybrat vše

KILLALL::
SecCenter::
{A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
Folder::
c:\program files\Lavasoft
c:\program files\McAfee Security Scan
File::
c:\documents and settings\All Users\Data aplikací\Lavasoft
c:\windows\Tasks\Ad-Aware Update (Weekly).job
Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
Driver::
Lavasoft Ad-Aware Service
Lavasoft Kernexplorer
McComponentHostService
DDS::
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
FireFox::
FF - ProfilePath - c:\documents and settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q=
RegNull::
[HKEY_USERS\S-1-5-21-1979945919-1417107412-3463332416-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C6906524-6A71-6559-6CD2-CF8E83049EF8}*]

Potom klik na Subor -> Uložiť ako.. .. -> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :


Po skonceni skenu vlož log čo ComboFix vytvorí

klikni na start>.klikni na spustit>>napis>>cmd
>stlac>.enter
Do cierneho okna skopiruj tento prikaz
chkdsk /f/r
Enter
Vypise ze zvazek pouziva proces....bla,,bla,,bla..
Stlacis a/Yes/y>.Enter>>restart>>a nechas aby chkdsk skontroloval pevny disk.

stiahnes defraggrer.
A spravis defrag
http://www.piriform.com/defraggler

Nainstalujes Avira AntiVir Personal - Free Antivirus
http://www.avira.com/en/avira-free-antivirus

Stahni OTListIt2>> OTL
Označ položku Pro všechny uživatele.
Označ položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
do okna >vloz zeleny text a klik Klikn na tlačítko Prohledat
Po dokončení, sem vlož logy OTL.Txt >.bude na ploche a Extras.txt>>bude na hlavnom panely.

[nicky.2000]

ComboFix 11-04-19.03 - Lucie - Kubátová 23.04.2011 15:29:58.2.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.239.125 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lucie - Kubátová\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Lucie - Kubátová\Plocha\CFScript.txt
FW: Sunbelt Personal Firewall *Disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
FILE ::
"c:\documents and settings\All Users\Data aplikací\Lavasoft"
"c:\windows\Tasks\Ad-Aware Update (Weekly).job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Lavasoft
c:\program files\Lavasoft\Ad-Aware\aawapi.dll
c:\program files\Lavasoft\Ad-Aware\AAWService.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\program files\Lavasoft\Ad-Aware\Ad-Aware.exe
c:\program files\Lavasoft\Ad-Aware\Ad-Aware_manual_EN.chm
c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
c:\program files\Lavasoft\Ad-Aware\Ad-AwareCommand.exe
c:\program files\Lavasoft\Ad-Aware\AutoLaunch.exe
c:\program files\Lavasoft\Ad-Aware\AWSC.exe
c:\program files\Lavasoft\Ad-Aware\AWSCUpdate.dll
c:\program files\Lavasoft\Ad-Aware\CEAPI.dll
c:\program files\Lavasoft\Ad-Aware\dbghelp.dll
c:\program files\Lavasoft\Ad-Aware\Drivers\32\AAWDriverTool.exe
c:\program files\Lavasoft\Ad-Aware\Drivers\32\DIFxAPI.dll
c:\program files\Lavasoft\Ad-Aware\Drivers\32\lbd.cat
c:\program files\Lavasoft\Ad-Aware\Drivers\32\lbd.inf
c:\program files\Lavasoft\Ad-Aware\Drivers\32\lbd.sys
c:\program files\Lavasoft\Ad-Aware\Drivers\64\AAWDriverTool.exe
c:\program files\Lavasoft\Ad-Aware\Drivers\64\DIFxAPI.dll
c:\program files\Lavasoft\Ad-Aware\Drivers\64\lbd.cat
c:\program files\Lavasoft\Ad-Aware\Drivers\64\lbd.inf
c:\program files\Lavasoft\Ad-Aware\Drivers\64\lbd.sys
c:\program files\Lavasoft\Ad-Aware\Drivers\i386\sbaphd.sys
c:\program files\Lavasoft\Ad-Aware\Drivers\i386\sbapifs.sys
c:\program files\Lavasoft\Ad-Aware\Drivers\i386\sbapifsl.sys
c:\program files\Lavasoft\Ad-Aware\Drivers\sbapifs.cat
c:\program files\Lavasoft\Ad-Aware\Drivers\sbapifs.inf
c:\program files\Lavasoft\Ad-Aware\Drivers\sbapifsl.cat
c:\program files\Lavasoft\Ad-Aware\Drivers\sbapx64.cat
c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys
c:\program files\Lavasoft\Ad-Aware\Languages\resource_de-DE.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_en-US.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_es-ES.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_fr-FR.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_it-IT.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_ja-JP.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_nl-NL.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_pt-PT.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_sv-SE.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_tr-TR.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_zh-CN.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_zh-TW.xml
c:\program files\Lavasoft\Ad-Aware\Languages\ResourceAdmin.xml
c:\program files\Lavasoft\Ad-Aware\lavalicense.dll
c:\program files\Lavasoft\Ad-Aware\lavamessage.dll
c:\program files\Lavasoft\Ad-Aware\Lavasoft Homepage.url
c:\program files\Lavasoft\Ad-Aware\lsdelete.exe
c:\program files\Lavasoft\Ad-Aware\Neutralize.dll
c:\program files\Lavasoft\Ad-Aware\PrivacyClean.dll
c:\program files\Lavasoft\Ad-Aware\Rebrand.dat
c:\program files\Lavasoft\Ad-Aware\Resources.dll
c:\program files\Lavasoft\Ad-Aware\Resources\Carbon.eGL
c:\program files\Lavasoft\Ad-Aware\Resources\Default.eGL
c:\program files\Lavasoft\Ad-Aware\Resources\Gold.eGL
c:\program files\Lavasoft\Ad-Aware\Resources\Orange.eGL
c:\program files\Lavasoft\Ad-Aware\Resources\Sedona.eGL
c:\program files\Lavasoft\Ad-Aware\RPAPI.dll
c:\program files\Lavasoft\Ad-Aware\sbap.dll
c:\program files\Lavasoft\Ad-Aware\SBRE.dll
c:\program files\Lavasoft\Ad-Aware\SBTE.dll
c:\program files\Lavasoft\Ad-Aware\ShellExt.dll
c:\program files\Lavasoft\Ad-Aware\threatwork.exe
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\AutoStart Manager.exe
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Settings.xml
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Skins\grey\gbottompic.bmp
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Skins\grey\gbottompicp.bmp
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Skins\grey\gtoppic.bmp
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Skins\grey\gtoppicp.bmp
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Skins\grey\skin.xml
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\SO.dll
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Translations\de.xml
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Translations\en.xml
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Translations\es.xml
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Translations\fr.xml
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Translations\it.xml
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Translations\ja.xml
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Translations\nl.xml
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Translations\pr.xml
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Translations\zh-cmn-Hans.xml
c:\program files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\Translations\zh-cmn-Hant.xml
c:\program files\Lavasoft\Ad-Aware\ToolBox\LT\Extras.LGFF
c:\program files\Lavasoft\Ad-Aware\ToolBox\LT\HostFileEditor.exe
c:\program files\Lavasoft\Ad-Aware\ToolBox\LT\Lang\DE.lslang
c:\program files\Lavasoft\Ad-Aware\ToolBox\LT\Lang\EN.lslang
c:\program files\Lavasoft\Ad-Aware\ToolBox\LT\Lang\ES.lslang
c:\program files\Lavasoft\Ad-Aware\ToolBox\LT\Lang\FL.lslang
c:\program files\Lavasoft\Ad-Aware\ToolBox\LT\Lang\FR.lslang
c:\program files\Lavasoft\Ad-Aware\ToolBox\LT\Lang\IT.lslang
c:\program files\Lavasoft\Ad-Aware\ToolBox\LT\Lang\NL.lslang
c:\program files\Lavasoft\Ad-Aware\ToolBox\LT\Lang\PT.lslang
c:\program files\Lavasoft\Ad-Aware\ToolBox\LT\ProcessWatch.dll
c:\program files\Lavasoft\Ad-Aware\ToolBox\LT\ProcessWatch.exe
c:\program files\Lavasoft\Ad-Aware\unrar.dll
c:\program files\Lavasoft\Ad-Aware\UpdateManager.dll
c:\program files\Lavasoft\Ad-Aware\Vipre.dll
c:\program files\Lavasoft\Ad-Aware\VipreBridge.dll
c:\program files\McAfee Security Scan
c:\program files\McAfee Security Scan\2.0.181\AVScanComponent.dll
c:\program files\McAfee Security Scan\2.0.181\AVScanner.ini
c:\program files\McAfee Security Scan\2.0.181\avvclean.dat
c:\program files\McAfee Security Scan\2.0.181\avvnames.dat
c:\program files\McAfee Security Scan\2.0.181\avvscan.dat
c:\program files\McAfee Security Scan\2.0.181\config.dat
c:\program files\McAfee Security Scan\2.0.181\ftconfig.ini
c:\program files\McAfee Security Scan\2.0.181\McAfee.ico
c:\program files\McAfee Security Scan\2.0.181\mcbrwsr2.dll
c:\program files\McAfee Security Scan\2.0.181\MCCompHostConfig.ini
c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe
c:\program files\McAfee Security Scan\2.0.181\mcscan32.dll
c:\program files\McAfee Security Scan\2.0.181\mcuicnt.exe
c:\program files\McAfee Security Scan\2.0.181\McUpdater.dll
c:\program files\McAfee Security Scan\2.0.181\sa_cache_sqlite.dll
c:\program files\McAfee Security Scan\2.0.181\sa_http_win32.dll
c:\program files\McAfee Security Scan\2.0.181\sa_mbl.dll
c:\program files\McAfee Security Scan\2.0.181\sa_store_sqlite.dll
c:\program files\McAfee Security Scan\2.0.181\sacore.db
c:\program files\McAfee Security Scan\2.0.181\sacore.dll
c:\program files\McAfee Security Scan\2.0.181\sacoredata\uds_filetypes.txt
c:\program files\McAfee Security Scan\2.0.181\sacoredata\uds_hosting.txt
c:\program files\McAfee Security Scan\2.0.181\sacoredata\uds_tlds.txt
c:\program files\McAfee Security Scan\2.0.181\SecurityScanner.dll
c:\program files\McAfee Security Scan\2.0.181\SecurityScanner_LD.dll
c:\program files\McAfee Security Scan\2.0.181\sqlite3.dll
c:\program files\McAfee Security Scan\2.0.181\SSCustom_LD.dll
c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe
c:\program files\McAfee Security Scan\2.0.181\WebInfoScanner.dll
c:\program files\McAfee Security Scan\2.0.181\WMIScanner.dll
c:\program files\McAfee Security Scan\uninstall.exe
c:\windows\Tasks\Ad-Aware Update (Weekly).job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_LAVASOFT_AD-AWARE_SERVICE
-------\Legacy_LAVASOFT_KERNEXPLORER
-------\Legacy_MCCOMPONENTHOSTSERVICE
-------\Service_Lavasoft Ad-Aware Service
-------\Service_Lavasoft Kernexplorer
-------\Service_McComponentHostService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-23 do 2011-04-23 )))))))))))))))))))))))))))))))
.
.
2011-04-22 20:45 . 2011-04-22 20:45 -------- d-----w- c:\program files\CCleaner
2011-04-22 19:20 . 2011-04-22 19:20 -------- d-----w- C:\_OTM
2011-04-22 17:45 . 2011-04-22 17:45 -------- d-----w- c:\program files\trend micro
2011-04-22 17:44 . 2011-04-22 17:44 -------- d-----w- C:\rsit
2011-04-22 02:55 . 2011-04-21 19:18 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-04-21 20:40 . 2011-04-21 20:40 -------- d-----w- c:\documents and settings\LocalService\Plocha
2011-04-21 19:49 . 2008-10-31 05:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2011-04-21 19:49 . 2008-06-21 02:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2011-04-21 19:18 . 2011-02-28 10:10 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-04-21 19:18 . 2011-04-21 19:18 -------- d-----w- c:\windows\system32\DRVSTORE
2011-04-21 19:18 . 2011-04-21 19:18 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-04-21 19:06 . 2011-04-21 19:06 -------- d-----w- c:\documents and settings\Lucie - Kubátová\Local Settings\Data aplikací\Sunbelt Software
2011-04-21 19:06 . 2011-04-21 19:06 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\{48F52499-ADE3-4774-9621-FB173785947D}
2011-04-21 19:05 . 2011-04-21 19:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2011-04-20 16:39 . 2011-04-20 16:39 -------- d-----w- c:\program files\ICQ6Toolbar
2011-04-20 16:37 . 2011-04-20 16:37 -------- d-----w- c:\program files\ICQ7.4
2011-04-09 12:31 . 2011-04-09 12:31 -------- d-----w- c:\program files\Defraggler
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-07 05:33 . 2004-10-12 16:22 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36 . 1979-12-31 22:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 1979-12-31 22:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:08 . 1979-12-31 22:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:08 . 1979-12-31 22:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:08 . 1979-12-31 22:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:42 . 1979-12-31 22:00 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 1979-12-31 22:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 1979-12-31 22:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 1979-12-31 22:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-11 14:44 . 2004-10-12 16:20 232448 ----a-w- c:\windows\system32\fxscover.exe
2011-02-09 12:53 . 1979-12-31 22:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 12:53 . 1979-12-31 22:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 1979-12-31 22:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 1979-12-31 22:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 06:58 . 2004-10-12 16:20 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 10:57 . 2004-10-12 16:20 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-18 16:55 . 2011-03-24 08:35 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-22_21.16.18 )))))))))))))))))))))))))))))))))))))))))
.
- 1979-12-31 22:00 . 2011-04-22 20:42 41842 c:\windows\system32\perfc009.dat
+ 1979-12-31 22:00 . 2011-04-23 11:36 41842 c:\windows\system32\perfc009.dat
+ 1979-12-31 22:00 . 2011-04-23 11:36 48420 c:\windows\system32\perfc005.dat
- 1979-12-31 22:00 . 2011-04-22 20:42 48420 c:\windows\system32\perfc005.dat
+ 1979-12-31 22:00 . 2011-04-23 11:36 316184 c:\windows\system32\perfh009.dat
- 1979-12-31 22:00 . 2011-04-22 20:42 316184 c:\windows\system32\perfh009.dat
+ 1979-12-31 22:00 . 2011-04-23 11:36 314802 c:\windows\system32\perfh005.dat
- 1979-12-31 22:00 . 2011-04-22 20:42 314802 c:\windows\system32\perfh005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ePowerManagement"="c:\acer\ePM\ePM.exe" [2004-11-02 2884096]
"AGRSMMSG"="AGRSMMSG.exe" [2004-07-22 88361]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-08-06 385024]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-08-06 14:48 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\System32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [21.4.2011 21:18 64512]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15.3.2009 1:14 721904]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [21.4.2011 21:49 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 7:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 7:24 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [21.4.2011 21:49 65576]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [26.7.2007 13:55 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [26.7.2007 13:55 64896]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [1.1.1980 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{141D2E4F-F313-4991-B61A-EE5D6D849361} - http://bleskove.centrum.cz
IE: {{2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - http://www.centrum.cz
IE: {{2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - http://www.xchat.cz
IE: {{2E01031B-AB09-4455-823D-25F1A1C11F48} - http://aktualne.centrum.cz
IE: {{2F741D0A-150E-40F9-A602-1B2421475F1D} - http://slovniky.centrum.cz
IE: {{309176E6-E204-40A0-8D13-7F19C0498C40} - http://www.supermapy.cz
IE: {{49681216-5BF4-41A2-AAFA-129A6BD625DA} - http://mp3.centrum.cz/
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
IE: {{8B6E8E01-D262-4980-8C27-B8B2802285C1} - http://www.zena.cz
IE: {{8FD64249-590C-4FBC-B181-12A6BAF516AF} - http://www.fotoalba.cz
IE: {{A5050656-2286-454F-A489-C605ED1B461C} - http://pocasi.centrum.cz
IE: {{BC78516C-9DC9-40C5-A91E-74593222EF89} - http://sportplus.centrum.cz
IE: {{DAE865E8-970E-4931-A172-119CB56BBAF5} - http://www.digitalne.cz/
IE: {{FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - http://www.stahuj.cz/
FF - ProfilePath - c:\documents and settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-McAfee Security Scan - c:\program files\McAfee Security Scan\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-23 15:42
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1979945919-1417107412-3463332416-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(948)
c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
- - - - - - - > 'explorer.exe'(1660)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\ZcfgSvc.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\SYSTEM32\GEARSEC.EXE
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Intel\Wireless\Bin\OProtSvc.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\windows\AGRSMMSG.exe
c:\\?\c:\windows\system32\WBEM\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2011-04-23 15:46:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-23 13:46
ComboFix2.txt 2011-04-22 21:23
.
Před spuštěním: 4 177 264 640
Po spuštění: 4 163 862 528
.
- - End Of File - - AC24DCCC3CA544B26748EE9F75EBFE1A

[stell]

pokracovat dalej, tak ako som napisal.

[nicky.2000]

OTL logfile created on: 23.4.2011 23:06:13 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Lucie - Kubátová\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

239,00 Mb Total Physical Memory | 49,00 Mb Available Physical Memory | 20,00% Memory free
586,00 Mb Paging File | 266,00 Mb Available in Paging File | 45,00% Paging File free
Paging file location(s): C:\pagefile.sys 360 1024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,99 Gb Total Space | 3,45 Gb Free Space | 17,26% Space Free | Partition Type: FAT32
Drive D: | 89,81 Gb Total Space | 69,02 Gb Free Space | 76,85% Space Free | Partition Type: FAT32

Computer Name: LUCKA | User Name: Lucie - Kubátová | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.04.23 23:02:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucie - Kubátová\Plocha\OTL.exe
PRC - [2011.03.04 14:37:02 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.04 14:36:54 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.03.04 14:36:52 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.01.14 21:11:02 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008.10.31 07:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
PRC - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008.10.31 07:24:26 | 001,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.08.06 16:51:54 | 000,098,304 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
PRC - [2004.08.06 16:48:52 | 000,385,024 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2004.08.06 16:48:34 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2003.10.20 13:47:36 | 000,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe


========== Modules (SafeList) ==========

MOD - [2011.04.23 23:02:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucie - Kubátová\Plocha\OTL.exe
MOD - [2010.08.23 17:12:34 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.03.04 14:37:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.04 14:36:54 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.02.02 10:57:54 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2008.12.01 10:59:52 | 000,033,752 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper) getPlus(R)
SRV - [2008.10.31 07:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2004.08.06 16:51:54 | 000,098,304 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe -- (OwnershipProtocol)
SRV - [2003.10.20 13:47:36 | 000,053,248 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity)


========== Driver Services (SafeList) ==========

DRV - [2011.03.04 16:11:14 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.03.04 14:37:14 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.02.28 12:10:44 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010.06.17 14:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 14:27:14 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.05.11 19:55:32 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.10.31 07:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008.06.21 04:54:54 | 000,066,600 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008.06.21 04:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2005.12.21 03:16:34 | 000,470,048 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005.05.02 13:55:34 | 000,064,896 | R--- | M] (AnyDATA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adusbser65.sys -- (adusbser6501) AnyDATA CDMA USB Serial Port (PID 6501)
DRV - [2005.05.02 13:55:34 | 000,064,896 | R--- | M] (AnyDATA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adusbmdm65.sys -- (adusbmdm6501) AnyDATA CDMA USB Modem Driver (PID 6501)
DRV - [2005.02.11 11:19:20 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2004.09.02 17:27:00 | 000,078,208 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd)
DRV - [2004.08.09 14:27:18 | 000,070,144 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004.08.07 18:51:04 | 003,210,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2004.08.06 16:44:14 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004.07.22 07:50:16 | 001,268,234 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004.07.19 13:10:00 | 000,004,096 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd)
DRV - [2004.06.16 11:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2003.10.08 04:11:26 | 000,033,847 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wA301a.sys -- ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55})
DRV - [2003.01.10 10:56:34 | 000,030,921 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SQCaptur.sys -- (DCamUSBSQTECH) Dual-Mode DSC(2770)
DRV - [2002.08.14 15:03:36 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.aktualne.cz [binary data]


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.centrum.cz/?ms=ge
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.aktualne.cz [binary data]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.aktualne.cz [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.centrum.cz/?ms=ge
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.aktualne.cz [binary data]
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.aktualne.cz [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.centrum.cz/?ms=ge
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.aktualne.cz [binary data]
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.aktualne.cz [binary data]
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/?ms=ge

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.centrum.cz/?ms=ge
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.aktualne.cz [binary data]
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.aktualne.cz [binary data]
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/?ms=ge

IE - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.aktualne.cz [binary data]
IE - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS_Player Customized Web Search"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.3.0244
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2006.12.20 21:45:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2006.12.20 21:45:02 | 000,000,000 | ---D | M]

[2009.06.10 13:52:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Extensions
[2006.04.06 12:42:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\extensions
[2011.04.20 18:39:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.03.21 19:58:14 | 000,000,000 | ---D | M] (BS Player Toolbar) -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2009.01.11 23:42:54 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\bsplayer-search.xml
[2009.02.26 13:22:28 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\conduit.xml
[2009.06.10 14:03:04 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\daemon-search.xml
[2011.02.07 20:19:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin-2.xml
[2011.02.09 22:17:12 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin-6.xml
[2011.02.27 17:50:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin-4.xml
[2011.03.08 15:52:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin-7.xml
[2011.03.08 22:16:28 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin-8.xml
[2011.03.17 17:41:00 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin-1.xml
[2011.03.24 09:46:40 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin-9.xml
[2011.03.24 09:56:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin-3.xml
[2011.03.24 10:37:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin-10.xml
[2011.03.25 11:30:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin-11.xml
[2011.03.26 22:54:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin-12.xml
[2011.04.09 19:08:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin-5.xml
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\searchplugins\icqplugin.xml
[2007.11.08 17:54:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.03.11 16:00:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) --
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LUCIE - KUBáTOVá\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\06TIKKS2.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2011.03.18 18:55:52 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2006.07.31 16:07:16 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010.01.01 09:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\heureka-cz.xml
[2010.01.01 09:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.01 09:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.01 09:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 09:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.04.23 15:42:10 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\..\Toolbar\WebBrowser: (no name) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - No CLSID value found.
O3 - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe (Acer Value Labs, Taiwan)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1979945919-1417107412-3463332416-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Bleskovì - {141D2E4F-F313-4991-B61A-EE5D6D849361} - File not found
O9 - Extra Button: Centrum.cz - {2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - File not found
O9 - Extra Button: Xchat - {2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - File not found
O9 - Extra Button: Aktuálnì - {2E01031B-AB09-4455-823D-25F1A1C11F48} - File not found
O9 - Extra Button: Slovníky - {2F741D0A-150E-40F9-A602-1B2421475F1D} - File not found
O9 - Extra Button: Supermapy - {309176E6-E204-40A0-8D13-7F19C0498C40} - File not found
O9 - Extra Button: mp3.centrum.cz - {49681216-5BF4-41A2-AAFA-129A6BD625DA} - File not found
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Žena - {8B6E8E01-D262-4980-8C27-B8B2802285C1} - File not found
O9 - Extra Button: Fotoalba - {8FD64249-590C-4FBC-B181-12A6BAF516AF} - File not found
O9 - Extra Button: Poèasí - {A5050656-2286-454F-A489-C605ED1B461C} - File not found
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found
O9 - Extra Button: Sportplus - {BC78516C-9DC9-40C5-A91E-74593222EF89} - File not found
O9 - Extra Button: Digitálnì - {DAE865E8-970E-4931-A172-119CB56BBAF5} - File not found
O9 - Extra Button: Stahuj.cz - {FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - File not found
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://gamerival.oberon-media.com/Games ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://arcade.icq.com/carlo/zuma/popcaploader_v5.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.18.103 79.98.156.2
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Lucie - Kubátová\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lucie - Kubátová\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.10.12 18:25:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.04.23 23:02:29 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lucie - Kubátová\Plocha\OTL.exe
[2011.04.23 22:54:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Avira
[2011.04.23 22:54:02 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011.04.23 22:54:01 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.04.23 22:54:01 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011.04.23 22:54:01 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011.04.23 22:54:01 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011.04.23 22:53:58 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.04.23 22:53:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avira
[2011.04.23 16:27:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2011.04.23 16:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Defraggler
[2011.04.23 16:22:10 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2011.04.23 16:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2011.04.23 16:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2011.04.23 16:19:58 | 000,000,000 | -HSD | C] -- C:\Recycled
[2011.04.23 15:46:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.04.22 23:03:44 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.04.22 23:00:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.04.22 22:52:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Lucie - Kubátová\Recent
[2011.04.22 22:45:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2011.04.22 22:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.04.22 19:45:03 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.04.21 21:49:07 | 000,270,888 | R--- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFw.sys
[2011.04.21 21:49:07 | 000,065,576 | ---- | C] (Sunbelt Software, Inc.) -- C:\WINDOWS\System32\drivers\SbFwIm.sys
[2011.04.21 21:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Sunbelt Software
[2011.04.21 21:18:53 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011.04.21 21:18:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011.04.21 21:18:38 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011.04.21 21:06:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucie - Kubátová\Local Settings\Data aplikací\Sunbelt Software
[2011.04.21 21:06:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\{48F52499-ADE3-4774-9621-FB173785947D}
[2011.04.21 21:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Lavasoft
[2011.04.21 21:05:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
[2011.04.20 18:42:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ICQ7.4
[2011.04.20 18:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2011.04.20 18:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.4
[2004.11.24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

========== Files - Modified Within 30 Days ==========

[2011.04.23 23:02:58 | 000,316,184 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.04.23 23:02:58 | 000,314,802 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.04.23 23:02:58 | 000,048,420 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.04.23 23:02:58 | 000,041,842 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.04.23 23:02:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucie - Kubátová\Plocha\OTL.exe
[2011.04.23 22:59:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.04.23 22:58:46 | 000,000,956 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.23 22:58:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.04.23 22:58:34 | 251,187,200 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.23 22:54:18 | 000,001,615 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Avira AntiVir Control Center.lnk
[2011.04.23 22:27:52 | 000,163,328 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.23 22:27:06 | 000,000,960 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.23 16:22:12 | 000,001,488 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2011.04.22 23:03:50 | 000,000,310 | RHS- | M] () -- C:\BOOT.INI
[2011.04.22 22:52:34 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Dokumenty\cc_20110422_225227.reg
[2011.04.22 22:51:36 | 000,002,422 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Dokumenty\cc_20110422_225130.reg
[2011.04.22 22:50:46 | 000,179,198 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Dokumenty\cc_20110422_225037.reg
[2011.04.22 22:45:56 | 000,000,590 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.04.22 22:35:30 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.04.22 02:14:22 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Plocha\Microsoft Office Word 2003.lnk
[2011.04.21 21:18:38 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011.04.21 21:18:36 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2011.04.20 18:42:02 | 000,001,395 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ICQ7.4.lnk
[2011.04.16 10:01:44 | 000,332,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.03.31 00:40:32 | 000,001,418 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Plocha\FreeCell.lnk
[2011.03.28 13:19:40 | 000,001,387 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Plocha\Solitaire.lnk
[2011.03.26 10:39:06 | 000,002,246 | ---- | M] () -- C:\Documents and Settings\Lucie - Kubátová\Plocha\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2011.04.23 22:54:17 | 000,001,615 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Avira AntiVir Control Center.lnk
[2011.04.23 16:22:11 | 000,001,488 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2011.04.23 16:22:03 | 000,000,960 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.23 16:22:02 | 000,000,956 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.22 23:03:49 | 000,000,194 | ---- | C] () -- C:\Boot.bak
[2011.04.22 23:03:46 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2011.04.22 22:52:29 | 000,001,056 | ---- | C] () -- C:\Documents and Settings\Lucie - Kubátová\Dokumenty\cc_20110422_225227.reg
[2011.04.22 22:51:33 | 000,002,422 | ---- | C] () -- C:\Documents and Settings\Lucie - Kubátová\Dokumenty\cc_20110422_225130.reg
[2011.04.22 22:50:40 | 000,179,198 | ---- | C] () -- C:\Documents and Settings\Lucie - Kubátová\Dokumenty\cc_20110422_225037.reg
[2011.04.22 22:45:55 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.04.22 22:36:33 | 251,187,200 | -HS- | C] () -- C:\hiberfil.sys
[2011.04.22 04:55:29 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011.04.20 18:42:01 | 000,001,395 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ICQ7.4.lnk
[2009.03.23 03:28:48 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2009.02.17 16:14:50 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\BladeEnc.dll
[2008.12.19 16:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.12.17 18:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008.12.17 18:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 18:22:48 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008.12.17 17:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008.11.23 20:52:35 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008.11.14 05:19:38 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2008.10.21 16:29:15 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2008.10.21 16:29:14 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.10.21 16:29:09 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2008.10.21 16:29:03 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2008.10.21 16:29:00 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2008.03.20 12:04:28 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.01.14 11:06:24 | 000,000,669 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.05.17 19:25:25 | 000,087,040 | ---- | C] () -- C:\WINDOWS\UnGins.exe
[2007.05.08 00:16:40 | 000,000,008 | ---- | C] () -- C:\WINDOWS\spobuffx.ini
[2007.03.03 15:47:53 | 000,000,034 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2006.11.02 17:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006.10.31 14:22:56 | 000,001,028 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006.04.10 17:23:04 | 000,000,335 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2006.04.06 12:42:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.10.14 11:56:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2005.05.27 15:35:18 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.04.12 22:19:46 | 000,000,183 | ---- | C] () -- C:\WINDOWS\MTB30.INI
[2005.04.12 22:19:10 | 000,000,123 | ---- | C] () -- C:\WINDOWS\asym.ini
[2005.02.17 15:09:18 | 000,163,328 | ---- | C] () -- C:\Documents and Settings\Lucie - Kubátová\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.01.23 17:25:37 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.01.23 15:43:31 | 000,001,267 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2004.12.28 18:04:22 | 000,004,500 | ---- | C] () -- C:\WINDOWS\System32\FILTRCOI.DLL
[2004.10.13 09:39:45 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004.10.13 09:25:38 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2004.10.13 09:25:37 | 000,000,225 | ---- | C] () -- C:\WINDOWS\FlashSaver.dat
[2004.10.12 18:41:23 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\ntiembed.dll
[2004.10.12 18:40:53 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2004.10.12 18:40:53 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2004.10.12 18:30:34 | 000,037,684 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004.10.12 18:30:34 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMOVE.EXE
[2004.10.12 18:29:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004.10.12 18:22:25 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.10.12 18:20:49 | 000,003,568 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004.10.12 18:15:50 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.10.12 18:14:48 | 000,332,280 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004.10.03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004.08.12 08:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.03.21 14:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2001.12.26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1980.01.01 00:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[1980.01.01 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[1980.01.01 00:00:00 | 000,589,824 | ---- | C] () -- C:\WINDOWS\ANTIV.EXE
[1980.01.01 00:00:00 | 000,316,184 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[1980.01.01 00:00:00 | 000,314,802 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[1980.01.01 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[1980.01.01 00:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[1980.01.01 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[1980.01.01 00:00:00 | 000,048,420 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[1980.01.01 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[1980.01.01 00:00:00 | 000,041,842 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[1980.01.01 00:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[1980.01.01 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[1980.01.01 00:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[1980.01.01 00:00:00 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1980.01.01 00:00:00 | 000,002,790 | ---- | C] () -- C:\WINDOWS\ANTIV.INI
[1980.01.01 00:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[1980.01.01 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1980.01.01 00:00:00 | 000,000,095 | ---- | C] () -- C:\WINDOWS\ALaunch.ini

========== LOP Check ==========

[2005.01.23 15:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2006.04.25 21:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap
[2008.01.04 02:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Zylom
[2008.09.23 20:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.02.17 16:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.03.11 16:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.03.15 01:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.03.31 00:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GameHouse
[2009.04.19 21:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpinTop Games
[2009.05.06 01:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2009.05.06 01:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Farm Frenzy
[2011.02.10 16:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2011.02.22 22:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Princess Isabella
[2011.04.21 21:06:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{48F52499-ADE3-4774-9621-FB173785947D}
[2005.01.23 17:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\ACD Systems
[2005.02.07 16:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\XnView Deluxe
[2006.04.03 19:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\ICQLite
[2006.05.03 12:27:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Ashampoo
[2006.11.07 23:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\ICQ Toolbar
[2007.04.18 23:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Miranda
[2007.06.06 15:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\ICQ
[2007.11.07 21:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\QIP
[2008.09.23 20:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\ESET
[2009.01.11 23:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\BSplayer Pro
[2009.02.17 16:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\BriskRecorder
[2009.03.01 21:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\Zoner
[2009.03.08 05:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\InterTrust
[2009.03.15 01:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\DAEMON Tools Lite
[2009.03.15 01:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\DAEMON Tools Pro
[2009.03.15 01:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\DAEMON Tools
[2009.04.22 21:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie - Kubátová\Data aplikací\BSplayer

========== Purity Check ==========



========== Custom Scans ==========


< KILLALL:: >

< SecCenter:: >

< {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33} >

< Folder:: >

< c:\program files\Lavasoft >

< c:\program files\McAfee Security Scan >

< File:: >

< c:\documents and settings\All Users\Data aplikací\Lavasoft >

< c:\windows\Tasks\Ad-Aware Update (Weekly).job >

< Registry:: >

< [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] >

< Driver:: >

< Lavasoft Ad-Aware Service >

< Lavasoft Kernexplorer >

< McComponentHostService >

< DDS:: >

< IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML >
Invalid Switch: SEARCH.HTML


< FireFox:: >

< FF - ProfilePath - c:\documents and settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\ >

< FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q= >
Invalid Switch: ResultsExt.as ... ource=3&q=


< FF - prefs.js: browser.search.selectedEngine - ICQ Search >

< FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/ >
Invalid Switch:


< FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q= >
Invalid Switch: afe_result ... r=1.1.9&q=


< RegNull:: >

< [HKEY_USERS\S-1-5-21-1979945919-1417107412-3463332416-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C6906524-6A71-6559-6CD2-CF8E83049EF8}*] >

< End of report >

[nicky.2000]

OTL Extras logfile created on: 23.4.2011 23:06:13 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Lucie - Kubátová\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

239,00 Mb Total Physical Memory | 49,00 Mb Available Physical Memory | 20,00% Memory free
586,00 Mb Paging File | 266,00 Mb Available in Paging File | 45,00% Paging File free
Paging file location(s): C:\pagefile.sys 360 1024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,99 Gb Total Space | 3,45 Gb Free Space | 17,26% Space Free | Partition Type: FAT32
Drive D: | 89,81 Gb Total Space | 69,02 Gb Free Space | 76,85% Space Free | Partition Type: FAT32

Computer Name: LUCKA | User Name: Lucie - Kubátová | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1979945919-1417107412-3463332416-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.4\ICQ.exe" = C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\System32\usmt\migwiz.exe" = C:\WINDOWS\System32\usmt\migwiz.exe:*:Disabled:Průvodce přenesením souborů a nastavení -- (Microsoft Corporation)
"C:\Program Files\ICQ7.4\ICQ.exe" = C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{225AF9A1-B556-88D5-94AA-0010B5426419}" = My DSC
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePowerManagement
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{766D51EF-3F9E-490F-8490-0F24910F18BC}" = Zoner Media Explorer 6
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{B502B428-3386-40A9-98DB-079AAB72E64F}" = mEoU.msi
"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}" =
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Ad-Aware" = Ad-Aware
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"AudioCrusher_is1" = AudioCrusher
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Defraggler" = Defraggler
"DVD Shrink_is1" = DVD Shrink 3.2
"ffdshow_is1" = ffdshow [rev 2946] [2009-05-15]
"GearDrivers" = GearDrivers
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker Gold
"LManager" = Launch Manager
"Mozilla Firefox 4.0 (x86 cs)" = Mozilla Firefox 4.0 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ProInst" = Intel(R) PROSet/Wireless Software
"save2pc Light_is1" = save2pc Light 3.38
"Sibelius v3.1" = Sibelius v3.1
"Tinynice MP3Recorder_is1" = Tinynice MP3Recorder 1.00 Beta
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView LE" = XnView LE
"XP Codec Pack" = XP Codec Pack
"Zylom Games Player Plugin" = Zylom Games Player Plugin

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1979945919-1417107412-3463332416-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9.4.2011 17:19:29 | Computer Name = LUCKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.4.2011 19:17:07 | Computer Name = LUCKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.4.2011 19:17:23 | Computer Name = LUCKA | Source = Application Error | ID = 1000
Description = Chybující aplikace chrome.exe, verze 0.0.0.0, chybující modul gcswf32.dll,
verze 10.2.154.25, adresa chyby 0x00111363.

Error - 13.4.2011 17:37:45 | Computer Name = LUCKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.4.2011 11:02:57 | Computer Name = LUCKA | Source = Application Error | ID = 1000
Description = Chybující aplikace kpf4ss.exe, verze 4.3.635.0, chybující modul ntdll.dll,
verze 5.1.2600.6055, adresa chyby 0x00019af2.

Error - 20.4.2011 17:03:31 | Computer Name = LUCKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 21.4.2011 15:06:44 | Computer Name = LUCKA | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 21.4.2011 15:28:47 | Computer Name = LUCKA | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 21.4.2011 16:01:30 | Computer Name = LUCKA | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 23.4.2011 13:27:11 | Computer Name = LUCKA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Defraggler.exe, verze 2.4.0.297, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 23.4.2011 9:29:32 | Computer Name = LUCKA | Source = Service Control Manager | ID = 7034
Description = Služba Spectrum24 Event Monitor byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 23.4.2011 9:29:32 | Computer Name = LUCKA | Source = Service Control Manager | ID = 7034
Description = Služba OwnershipProtocol byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 23.4.2011 9:29:32 | Computer Name = LUCKA | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 23.4.2011 9:29:32 | Computer Name = LUCKA | Source = Service Control Manager | ID = 7034
Description = Služba RegSrvc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 23.4.2011 9:29:32 | Computer Name = LUCKA | Source = Service Control Manager | ID = 7034
Description = Služba GEARSecurity byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 23.4.2011 9:29:32 | Computer Name = LUCKA | Source = Service Control Manager | ID = 7034
Description = Služba SbPF.Launcher byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 23.4.2011 9:29:32 | Computer Name = LUCKA | Source = Service Control Manager | ID = 7034
Description = Služba Machine Debug Manager byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 23.4.2011 9:29:33 | Computer Name = LUCKA | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 23.4.2011 9:29:33 | Computer Name = LUCKA | Source = Service Control Manager | ID = 7034
Description = Služba EvtEng byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 23.4.2011 9:40:19 | Computer Name = LUCKA | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_LAVASOFT_KERNEXPLORER\0000 se již v systému nenachází,
přestože nebylo nejdříve připraveno k odebrání.


< End of report >

[stell]

To si poplietla, tento script sprav s COMBOFIXOM

[quote="stell"]Antivirak nainstalujeme, az ked pc bude ok
Pri tejto akcii je nutné mať ComboFix na ploche.

Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex:

Kód: Vybrat vše

KILLALL::
SecCenter::
{A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
Folder::
c:\program files\Lavasoft
c:\program files\McAfee Security Scan
File::
c:\documents and settings\All Users\Data aplikací\Lavasoft
c:\windows\Tasks\Ad-Aware Update (Weekly).job
Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
Driver::
Lavasoft Ad-Aware Service
Lavasoft Kernexplorer
McComponentHostService
DDS::
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
FireFox::
FF - ProfilePath - c:\documents and settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q=
RegNull::
[HKEY_USERS\S-1-5-21-1979945919-1417107412-3463332416-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C6906524-6A71-6559-6CD2-CF8E83049EF8}*]

Potom klik na Subor -> Uložiť ako.. .. -> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :


Po skonceni skenu vlož log čo ComboFix vytvorí

[nicky.2000]

Nevím, kde jsem udělala chybu, ale nový log z combofixu je tady:

ComboFix 11-04-24.02 - Lucie - Kubátová 24.04.2011 22:30:04.3.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.239.123 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lucie - Kubátová\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Lucie - Kubátová\Plocha\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Sunbelt Personal Firewall *Disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
FILE ::
"c:\documents and settings\All Users\Data aplikací\Lavasoft"
"c:\windows\Tasks\Ad-Aware Update (Weekly).job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-24 do 2011-04-24 )))))))))))))))))))))))))))))))
.
.
2011-04-23 20:54 . 2011-03-04 14:11 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-04-23 20:54 . 2011-03-04 12:37 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-04-23 20:54 . 2010-06-17 12:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-04-23 20:54 . 2010-06-17 12:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-04-23 20:53 . 2011-04-23 20:54 -------- d-----w- c:\program files\Avira
2011-04-23 20:53 . 2011-04-23 20:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Avira
2011-04-23 14:27 . 2011-04-23 14:27 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-04-23 14:22 . 2011-04-23 14:22 -------- d-----w- c:\program files\Defraggler
2011-04-23 14:22 . 2011-04-23 14:22 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-04-22 20:45 . 2011-04-22 20:45 -------- d-----w- c:\program files\CCleaner
2011-04-22 17:45 . 2011-04-22 17:45 -------- d-----w- c:\program files\trend micro
2011-04-22 02:55 . 2011-04-21 19:18 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-04-21 20:40 . 2011-04-21 20:40 -------- d-----w- c:\documents and settings\LocalService\Plocha
2011-04-21 19:49 . 2008-10-31 05:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2011-04-21 19:49 . 2008-06-21 02:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2011-04-21 19:18 . 2011-02-28 10:10 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-04-21 19:18 . 2011-04-21 19:18 -------- d-----w- c:\windows\system32\DRVSTORE
2011-04-21 19:18 . 2011-04-21 19:18 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-04-21 19:06 . 2011-04-21 19:06 -------- d-----w- c:\documents and settings\Lucie - Kubátová\Local Settings\Data aplikací\Sunbelt Software
2011-04-21 19:06 . 2011-04-21 19:06 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\{48F52499-ADE3-4774-9621-FB173785947D}
2011-04-21 19:05 . 2011-04-21 19:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2011-04-20 16:39 . 2011-04-20 16:39 -------- d-----w- c:\program files\ICQ6Toolbar
2011-04-20 16:37 . 2011-04-20 16:37 -------- d-----w- c:\program files\ICQ7.4
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-07 05:33 . 2004-10-12 16:22 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36 . 1979-12-31 22:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 1979-12-31 22:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:08 . 1979-12-31 22:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:08 . 1979-12-31 22:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:08 . 1979-12-31 22:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:42 . 1979-12-31 22:00 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 1979-12-31 22:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 1979-12-31 22:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 1979-12-31 22:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-11 14:44 . 2004-10-12 16:20 232448 ----a-w- c:\windows\system32\fxscover.exe
2011-02-09 12:53 . 1979-12-31 22:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 12:53 . 1979-12-31 22:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 1979-12-31 22:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 1979-12-31 22:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 06:58 . 2004-10-12 16:20 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 10:57 . 2004-10-12 16:20 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-18 16:55 . 2011-03-24 08:35 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-04-23 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ePowerManagement"="c:\acer\ePM\ePM.exe" [2004-11-02 2884096]
"AGRSMMSG"="AGRSMMSG.exe" [2004-07-22 88361]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-08-06 385024]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-04 281768]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-08-06 14:48 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\System32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [21.4.2011 21:18 64512]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15.3.2009 1:14 721904]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [21.4.2011 21:49 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [23.4.2011 22:54 135336]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 7:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 7:24 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [21.4.2011 21:49 65576]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [23.4.2011 16:22 135664]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [26.7.2007 13:55 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [26.7.2007 13:55 64896]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [1.1.1980 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-23 14:22]
.
2011-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-23 14:22]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{141D2E4F-F313-4991-B61A-EE5D6D849361} - http://bleskove.centrum.cz
IE: {{2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - http://www.centrum.cz
IE: {{2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - http://www.xchat.cz
IE: {{2E01031B-AB09-4455-823D-25F1A1C11F48} - http://aktualne.centrum.cz
IE: {{2F741D0A-150E-40F9-A602-1B2421475F1D} - http://slovniky.centrum.cz
IE: {{309176E6-E204-40A0-8D13-7F19C0498C40} - http://www.supermapy.cz
IE: {{49681216-5BF4-41A2-AAFA-129A6BD625DA} - http://mp3.centrum.cz/
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
IE: {{8B6E8E01-D262-4980-8C27-B8B2802285C1} - http://www.zena.cz
IE: {{8FD64249-590C-4FBC-B181-12A6BAF516AF} - http://www.fotoalba.cz
IE: {{A5050656-2286-454F-A489-C605ED1B461C} - http://pocasi.centrum.cz
IE: {{BC78516C-9DC9-40C5-A91E-74593222EF89} - http://sportplus.centrum.cz
IE: {{DAE865E8-970E-4931-A172-119CB56BBAF5} - http://www.digitalne.cz/
IE: {{FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - http://www.stahuj.cz/
FF - ProfilePath - c:\documents and settings\Lucie - Kubátová\Data aplikací\Mozilla\Firefox\Profiles\06tikks2.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-24 22:43
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1979945919-1417107412-3463332416-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(952)
c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
- - - - - - - > 'explorer.exe'(2876)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Intel\Wireless\Bin\ZcfgSvc.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\windows\SYSTEM32\GEARSEC.EXE
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Intel\Wireless\Bin\OProtSvc.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\windows\AGRSMMSG.exe
.
**************************************************************************
.
Celkový čas: 2011-04-24 22:48:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-24 20:48
.
Před spuštěním: 3 747 119 104
Po spuštění: 3 947 200 512
.
- - End Of File - - E065AD0DACEEFFE828EFAAF4F5593A1D

[stell]

ok, vyzera to dobre, ako je na tom pc??

[nicky.2000]

Skvěle. Funguje mnohem rychleji, než na počátku celé akce.

[stell]

Tak potom ok, nebudeme dalej patrat, nakolko ako som pisal mas tam mal RAM.
Takze zbytocne neinstaluj vseliake programy, aby si nezatazoval pamat.
A to je vsetko.

[nicky.2000]

Super, díky. V týdnu vám tam zase pošlu nějaký příspěvek, ať se mám příště zase na koho obrátit.

[stell]

Nemas zaco.
Zbytok som ti napisal do sukromnej spravy.