
Re: Problem with brief CPU load spikes to 100%

Posted: 07 Jul 2010 19:45
by Caroprd111
  • Download OTL http://oldtimer.geekstogo.com/OTL.exe to the desktop.
  • Run it, then paste the following script into the bottom box.

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
  • Tick the option "For all users".
  • Tick the options "LOP" malware check and "Purity" malware check.
  • Click the Scan button.
  • When it finishes, paste the OTL.Txt and Extras.txt logs here.

Re: Problem with brief CPU load spikes to 100%

Posted: 07 Jul 2010 20:39
by BoneDaddy
OTL.txt

OTL logfile created on: 7.7.2010 21:17:49 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Documents and Settings\Pavel\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: | Country: | Language: | Date Format:

1 023,00 Mb Total Physical Memory | 377,00 Mb Available Physical Memory | 37,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93,15 Gb Total Space | 28,50 Gb Free Space | 30,60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ASUS7
Current User Name: Pavel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.07.07 21:15:59 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTL.exe
PRC - [2010.06.26 11:43:02 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.05.07 21:57:00 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\HRY\Steam\Steam.exe
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Programy\Avast\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Programy\Avast\ashServ.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Programy\Avast\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Programy\Avast\aswUpdSv.exe
PRC - [2005.10.12 14:07:56 | 000,987,136 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2005.08.29 05:30:02 | 000,102,400 | R--- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2005.08.22 14:50:08 | 001,986,560 | R--- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2005.07.22 09:00:10 | 000,081,920 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005.07.07 18:08:36 | 000,487,424 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2005.04.14 21:50:12 | 000,262,144 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2005.03.11 12:48:54 | 000,217,088 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2004.10.15 20:40:56 | 002,577,632 | ---- | M] (Sygate Technologies, Inc.) -- C:\Programy\Sygate\Smc.exe
PRC - [2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010.07.07 21:15:59 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTL.exe
MOD - [2004.10.15 19:32:10 | 000,083,096 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\system32\SSSensor.dll
MOD - [2004.08.17 15:48:02 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004.08.03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\netdde.exe -- (NetDDEdsdm)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\netdde.exe -- (NetDDE)
SRV - File not found [Disabled | Stopped] -- -- (iPod Service)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Programy\Avast\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Programy\Avast\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Programy\Avast\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Programy\Avast\aswUpdSv.exe -- (aswUpdSv)
SRV - [2007.07.10 14:10:42 | 000,072,704 | ---- | M] (Autodata Limited) [Disabled | Stopped] -- C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe -- (Autodata Limited License Service)
SRV - [2004.10.15 20:40:56 | 002,577,632 | ---- | M] (Sygate Technologies, Inc.) [Auto | Running] -- C:\Programy\Sygate\Smc.exe -- (SmcService)


========== Driver Services (SafeList) ==========

DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010.07.06 21:16:15 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.05.10 20:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programy\antivsechno\SAS\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.17 20:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programy\antivsechno\SAS\sasdifsv.sys -- (SASDIFSV)
DRV - [2009.11.25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.01.15 12:44:14 | 000,091,264 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrsce.sys -- (zebrsce)
DRV - [2008.01.15 12:44:12 | 000,109,568 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdmc.sys -- (zebrmdmc) Sony Ericsson mRouter Port (WDM)
DRV - [2008.01.15 12:44:12 | 000,109,568 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdm.sys -- (zebrmdm) Sony Ericsson Port (WDM)
DRV - [2008.01.15 12:44:10 | 000,014,848 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdfl.sys -- (zebrmdfl)
DRV - [2008.01.15 12:44:08 | 000,083,200 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrbus.sys -- (zebrbus)
DRV - [2008.01.15 12:44:08 | 000,063,360 | R--- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\zebrceb.sys -- (zebrceb) Sony Ericsson Cable Emulation Bus (WDM)
DRV - [2007.09.21 10:17:14 | 000,028,680 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2007.09.21 10:15:52 | 000,025,096 | ---- | M] (Eset) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2007.09.21 10:15:26 | 000,033,288 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2006.11.01 09:09:47 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2005.10.03 11:26:36 | 000,720,470 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini)
DRV - [2005.10.03 11:26:14 | 000,008,278 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan)
DRV - [2005.09.23 13:27:00 | 003,522,304 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005.08.19 03:50:44 | 000,190,912 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005.07.26 11:03:22 | 003,644,032 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.07.04 15:54:08 | 000,098,176 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005.06.27 18:48:08 | 000,053,504 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2005.06.22 08:50:50 | 001,034,752 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.06.22 08:50:12 | 000,216,320 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWSIS.sys -- (HSFHWSIS)
DRV - [2005.06.22 08:50:04 | 000,716,416 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.04.18 23:21:08 | 000,027,136 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005.04.06 09:54:44 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2005.03.30 12:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005.03.09 15:53:00 | 000,042,496 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.03.04 05:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005.02.17 17:07:48 | 000,005,632 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005.02.11 21:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005.01.06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004.12.21 11:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2004.12.06 16:51:10 | 000,051,328 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk)
DRV - [2004.10.15 19:32:44 | 000,014,568 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys -- (wg6n)
DRV - [2004.10.15 19:32:42 | 000,014,568 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys -- (wg5n)
DRV - [2004.10.15 19:32:40 | 000,014,568 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys -- (wg4n)
DRV - [2004.10.15 19:32:38 | 000,014,568 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys -- (wg3n)
DRV - [2004.10.15 19:18:46 | 000,021,075 | ---- | M] (Sygate Technologies, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys -- (wpsdrvnt)
DRV - [2004.10.15 19:17:02 | 000,060,496 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys -- (Teefer)
DRV - [2004.10.04 10:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004.07.08 17:07:34 | 000,036,531 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2003.09.19 17:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002.10.16 13:55:48 | 000,002,851 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001.08.17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1993962763-57989841-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1993962763-57989841-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-1993962763-57989841-839522115-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1993962763-57989841-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: {DAD0F81A-CF67-4eed-98D6-26F6E47274CA}:1.3
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.6&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.05 17:16:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.06.26 18:05:29 | 000,000,000 | ---D | M]

[2008.06.17 20:16:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Extensions
[2010.07.07 18:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\extensions
[2010.06.22 20:02:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.05.29 08:02:28 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.04.08 16:09:23 | 000,000,000 | ---D | M] (Tweak Network) -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}
[2009.11.07 13:59:38 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}(2)
[2008.10.08 21:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\extensions\cs@dictionaries.addons.mozilla.org
[2010.07.01 20:04:18 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-1.xml
[2009.04.30 19:09:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-10.xml
[2009.06.13 22:06:17 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-11.xml
[2009.07.25 19:39:31 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-12.xml
[2009.08.17 18:32:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-13.xml
[2008.03.27 20:57:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-2.xml
[2008.04.19 20:30:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-3.xml
[2008.08.01 17:54:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-4.xml
[2008.10.11 22:30:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-5.xml
[2008.11.14 22:45:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-6.xml
[2009.03.14 09:42:04 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-7.xml
[2009.03.29 09:57:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-8.xml
[2009.04.23 18:55:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin-9.xml
[2010.06.20 12:48:35 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin.gif
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\djnp7d57.default\searchplugins\icqplugin.xml
[2010.07.07 18:31:39 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.03.13 18:54:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.12 20:19:20 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.12 20:19:20 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.12 20:19:20 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.12 20:19:20 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.12 20:19:20 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.07.06 19:41:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (GetRight IE Download Helper) - {31ff080d-12a3-439a-a2ef-4ba95a3148e8} - C:\Programy\GetRight\xx2gr.dll (Headlight Software, Inc.)
O2 - BHO: (no name) - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - No CLSID value found.
O3 - HKU\S-1-5-21-1993962763-57989841-839522115-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Programy\Avast\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [nlpo_01] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [nlpo_01] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1993962763-57989841-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1993962763-57989841-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1993962763-57989841-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1993962763-57989841-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: download with getright - C:\Programy\GetRight\GRDownload.htm ()
O8 - Extra context menu item: open with getright browser - C:\Programy\GetRight\GRBrowse.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programy\icq\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programy\icq\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found
O12 - Plugin for: .mpg - C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll (Apple Computer, Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.16.96.2
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programy\antivsechno\SAS\SASWINLO.DLL - C:\Programy\antivsechno\SAS\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pavel\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pavel\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programy\antivsechno\SAS\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.10.28 13:49:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 30 Days ==========

[2010.07.07 21:15:54 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTL.exe
[2010.07.06 21:16:13 | 000,697,328 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.07.06 21:12:14 | 000,882,672 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\Pavel\Plocha\SPTDinst-v169-x86.exe
[2010.07.06 19:47:48 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.07.06 19:45:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.07.05 15:04:58 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.07.05 15:02:58 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.07.05 15:02:58 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.07.05 15:02:58 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.07.05 15:02:58 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.07.05 15:02:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.07.05 14:47:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.07.05 14:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.07.05 14:15:17 | 000,000,000 | ---D | C] -- C:\rsit
[2010.07.05 11:56:57 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Pavel\Plocha\HijackThis.exe
[2010.07.03 21:29:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pavel\Recent
[2010.06.29 18:56:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Data aplikací\VitySoft
[2010.06.29 14:15:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Dokumenty\My Music
[2010.06.29 14:13:35 | 000,483,328 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx
[2010.06.26 16:32:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Data aplikací\Malwarebytes
[2010.06.26 16:32:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.06.26 16:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.06.26 16:32:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.06.24 20:58:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Data aplikací\SUPERAntiSpyware.com
[2010.06.24 20:58:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
[2010.06.23 18:37:53 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
[2010.06.20 12:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\AOL
[2010.06.13 09:59:39 | 005,076,072 | ---- | C] (Uniblue Systems Ltd ) -- C:\Documents and Settings\Pavel\speedupmypc.exe
[2010.06.13 09:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\ErrorLogs
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.07.07 21:15:59 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTL.exe
[2010.07.07 18:19:54 | 000,037,106 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.07.07 18:19:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.07 18:19:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.06 23:07:00 | 010,334,208 | ---- | M] () -- C:\Documents and Settings\Pavel\ntuser.dat
[2010.07.06 23:07:00 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Pavel\ntuser.ini
[2010.07.06 21:19:41 | 000,077,312 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\mbr.exe
[2010.07.06 21:17:21 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Pavel\defogger_reenable
[2010.07.06 21:16:15 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.07.06 21:12:16 | 000,882,672 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\Pavel\Plocha\SPTDinst-v169-x86.exe
[2010.07.06 21:12:04 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\Defogger.exe
[2010.07.06 19:42:12 | 000,000,324 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.07.06 19:41:52 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.07.05 15:05:07 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010.07.05 14:47:12 | 003,726,382 | R--- | M] () -- C:\Documents and Settings\Pavel\Plocha\ComboFix.exe
[2010.07.05 14:14:43 | 000,824,681 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\RSIT.exe
[2010.07.05 13:42:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.07.05 11:56:59 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Pavel\Plocha\HijackThis.exe
[2010.07.04 23:30:20 | 000,002,479 | ---- | M] () -- C:\SDP00000.sdb
[2010.07.04 23:28:51 | 000,000,260 | ---- | M] () -- C:\avexport.bat
[2010.07.03 19:09:26 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\Revo Uninstaller.lnk
[2010.06.30 23:06:41 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.30 22:57:34 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.29 14:24:47 | 000,000,643 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\BearShare.lnk
[2010.06.25 22:08:34 | 000,001,502 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ICQ7.2.lnk
[2010.06.24 21:04:43 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\CCleaner.lnk
[2010.06.24 20:58:46 | 000,001,656 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\SUPERAntiSpyware Free Edition.lnk
[2010.06.24 20:43:34 | 005,832,906 | -H-- | M] () -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\IconCache.db
[2010.06.23 18:36:21 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\RegistryBooster.lnk
[2010.06.22 18:19:14 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.13 10:00:09 | 005,076,072 | ---- | M] (Uniblue Systems Ltd ) -- C:\Documents and Settings\Pavel\speedupmypc.exe
[2010.06.13 09:59:19 | 000,000,709 | ---- | M] () -- C:\Documents and Settings\Pavel\CommandDispatchers.xml
[2010.06.13 09:59:17 | 000,001,361 | ---- | M] () -- C:\Documents and Settings\Pavel\cleaner-config.xml
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.07.06 21:19:40 | 000,077,312 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\mbr.exe
[2010.07.06 21:17:12 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Pavel\defogger_reenable
[2010.07.06 21:13:26 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\gmer.exe
[2010.07.06 21:12:04 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\Defogger.exe
[2010.07.05 15:05:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.07.05 15:05:03 | 000,261,312 | ---- | C] () -- C:\cmldr
[2010.07.05 15:02:58 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.07.05 15:02:58 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.07.05 15:02:58 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.07.05 15:02:58 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.07.05 15:02:58 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.07.05 14:46:34 | 003,726,382 | R--- | C] () -- C:\Documents and Settings\Pavel\Plocha\ComboFix.exe
[2010.07.05 14:14:41 | 000,824,681 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\RSIT.exe
[2010.07.04 23:30:20 | 000,002,479 | ---- | C] () -- C:\SDP00000.sdb
[2010.07.04 23:28:51 | 000,000,260 | ---- | C] () -- C:\avexport.bat
[2010.06.29 14:24:47 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\BearShare.lnk
[2010.06.25 22:08:34 | 000,001,502 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ICQ7.2.lnk
[2010.06.24 21:04:43 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\CCleaner.lnk
[2010.06.24 20:58:46 | 000,001,656 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\SUPERAntiSpyware Free Edition.lnk
[2010.06.23 18:36:21 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\RegistryBooster.lnk
[2010.06.18 17:21:33 | 010,334,208 | ---- | C] () -- C:\Documents and Settings\Pavel\ntuser.dat
[2010.06.13 10:00:09 | 000,000,007 | ---- | C] () -- C:\Documents and Settings\Pavel\last-update-package.txt
[2010.06.13 09:59:18 | 000,000,709 | ---- | C] () -- C:\Documents and Settings\Pavel\CommandDispatchers.xml
[2010.06.13 09:59:17 | 000,001,361 | ---- | C] () -- C:\Documents and Settings\Pavel\cleaner-config.xml
[2009.04.23 23:14:33 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.11.19 19:49:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2008.04.04 19:52:03 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2007.12.12 18:48:07 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007.10.28 23:47:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Sonymap.INI
[2007.10.19 15:02:24 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\msansum^.sys
[2007.09.21 10:17:14 | 000,028,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2007.08.30 20:24:23 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2006.12.20 14:12:23 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006.11.30 11:05:50 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006.11.13 16:41:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006.11.11 22:12:16 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.10.30 14:08:27 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2006.10.28 16:39:01 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2006.10.28 14:57:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2006.10.28 14:42:02 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.10.28 14:14:42 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2006.10.28 14:14:03 | 000,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.09.23 13:27:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005.09.23 13:27:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005.09.23 13:27:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005.09.23 13:27:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005.09.23 13:27:00 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005.06.29 10:58:02 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.02.17 13:31:58 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2004.12.02 15:20:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004.10.15 19:31:56 | 000,218,264 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll
[2004.09.22 10:09:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004.08.17 17:49:16 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004.08.17 15:49:10 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004.07.20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004.01.15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003.07.29 15:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll

========== LOP Check ==========

[2009.12.06 11:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avg7
[2010.06.22 20:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2007.11.29 21:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\QubeSoft
[2009.12.06 10:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
[2008.11.19 19:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2009.12.25 16:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.06.23 18:36:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2009.12.05 18:11:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
[2010.06.23 18:37:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
[2008.07.31 21:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Business Logic
[2010.06.25 22:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ
[2006.11.07 18:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ Toolbar
[2006.11.07 18:19:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQLite
[2009.10.17 18:14:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ITEDO
[2009.04.23 23:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Leadertech
[2007.12.12 18:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Panasonic
[2008.11.19 19:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Teleca
[2010.06.16 16:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Uniblue
[2010.06.29 18:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\VitySoft
[2007.11.03 14:40:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Zoner

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.03.05 20:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\AccurateRip
[2007.05.02 16:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Adobe
[2009.12.19 12:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Ahead
[2007.06.12 19:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Apple Computer
[2008.05.30 20:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ArcSoft
[2008.07.31 21:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Business Logic
[2006.10.28 20:12:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\CyberLink
[2007.10.08 19:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Google
[2006.11.26 20:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Help
[2010.06.25 22:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ
[2006.11.07 18:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ Toolbar
[2006.11.07 18:19:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQLite
[2009.12.30 16:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Identities
[2007.09.29 09:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\InstallShield
[2008.04.04 20:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Intel
[2009.10.17 18:14:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ITEDO
[2008.07.28 17:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Lavasoft
[2009.04.23 23:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Leadertech
[2006.11.07 18:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Macromedia
[2010.06.26 16:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Malwarebytes
[2009.12.05 18:23:00 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft
[2008.06.17 20:16:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla
[2007.12.12 18:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Panasonic
[2007.09.03 14:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Real
[2008.11.19 19:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Sony Ericsson
[2007.12.13 21:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Sun
[2010.06.24 20:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\SUPERAntiSpyware.com
[2008.11.19 19:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Teleca
[2010.06.16 16:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Uniblue
[2010.06.29 18:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\VitySoft
[2008.07.15 15:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\vlc
[2007.11.03 14:40:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2008.10.23 11:54:53 | 000,015,872 | R--- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
[2010.06.16 15:54:10 | 005,037,504 | ---- | M] (Uniblue Systems Ltd ) -- C:\Documents and Settings\Pavel\Data aplikací\Uniblue\Registry Booster2\RB_Setup_6_16_2010.exe


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 15:57:28 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2004.08.17 15:57:28 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.03 22:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2001.10.25 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\SoftwareDistribution\Download\8b3f0b76a887dad5988d39ddc24cfa31\sp2gdr\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\SoftwareDistribution\Download\8b3f0b76a887dad5988d39ddc24cfa31\sp2qfe\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006.11.07 15:25:45 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006.11.07 14:20:31 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2006.11.07 15:25:45 | 015,990,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006.11.07 15:25:47 | 005,505,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.07.06 21:16:15 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /3 >
[2010.07.07 18:19:54 | 000,037,106 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml

========== Alternate Data Streams ==========

@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
< End of report >

Re: Problem with short-term CPU utilization at 100%

Posted: 07 Jul 2010 20:40
by BoneDaddy
EXTRAS.txt

OTL Extras logfile created on: 7.7.2010 21:17:49 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Documents and Settings\Pavel\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: | Country: | Language: | Date Format:

1 023,00 Mb Total Physical Memory | 377,00 Mb Available Physical Memory | 37,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93,15 Gb Total Space | 28,50 Gb Free Space | 30,60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ASUS7
Current User Name: Pavel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1993962763-57989841-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programy\icq\ICQ7.2\ICQ.exe" = C:\Programy\icq\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programy\icq\ICQ7.2\aolload.exe" = C:\Programy\icq\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\HRY\C.S.1.6\hl.exe" = C:\HRY\C.S.1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\HRY\Steam\Steam.exe" = C:\HRY\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe" = C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module -- (Intuwave Ltd.)
"C:\Programy\sonyericssonG900\update\Update Service\Update Service.exe" = C:\Programy\sonyericssonG900\update\Update Service\Update Service.exe:*:Enabled:Update Service -- ()
"C:\Programy\sonyericssonG900\Sync Manager\DXP SyncML.exe" = C:\Programy\sonyericssonG900\Sync Manager\DXP SyncML.exe:*:Enabled:DXP SyncML Module -- (Teleca Sweden AB)
"C:\Programy\icq\ICQ7.2\ICQ.exe" = C:\Programy\icq\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programy\icq\ICQ7.2\aolload.exe" = C:\Programy\icq\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programy\BearShare\BearShare.exe" = C:\Programy\BearShare\BearShare.exe:*:Enabled:BearShare -- (Free Peers, Inc.)
"C:\HRY\Steam\SteamApps\bonedaddy7\counter-strike\hl.exe" = C:\HRY\Steam\SteamApps\bonedaddy7\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03a9b644-06c0-3a4f-9897-fa54f21268ad}" = Microsoft .NET Framework 3.5 Client Profile - Language Pack (CSY)
"{048298c9-a4d3-490b-9ff9-ab023a9238f3}" = Steam(TM)
"{1185566f-12ed-3ef0-89cc-38866dce1eee}" = Microsoft .NET Framework 3.0 Client Service Pack 2
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{23c3f5c0-566b-478b-aab6-197adad0c945}" = Uniblue SpeedUpMyPC 2009
"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe 1.4.89.1
"{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}" = LUMIX Simple Viewer
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{350C97C4-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4e5a1c9e-2e32-3eca-b497-0dbb4075376d}" = Microsoft .NET Framework 3.0 Client Profile - Language Pack (CSY)
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{90300405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9888ba71-c935-35db-bc00-85920f091d98}" = Microsoft .NET Framework 2.0 Client Service Pack 2 - Language Pack (CSY)
"{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO -viewer-
"{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}" =
"{A87869D7-B133-498C-A347-D9BE109FF6C8}" = USB2.0 1.3M Web Cam
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AD501749-CD49-499A-AD54-51DC42A57434}" = PC Suite for Sony Ericsson
"{bcb873d5-94bd-4adc-b80a-a3b381d7e8fa}" = ITEDO IsoView ActiveX Control 5.0
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{caafb8f9-f8d1-3d27-9aaa-6301a4429440}" = Microsoft .NET Framework 2.0 Client Service Pack 2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{d617a4dc-c915-3f25-be43-57e5fd99b441}" = Microsoft .NET Framework 3.5 Client Service Pack 1
"{DC67641A-05C4-4FED-A462-1EB1DC6CF2F5}" = ArcSoft Software Suite
"{df5a03cc-d5aa-43d8-b948-d9903f2af94a}" = Counter-Strike(TM)
"{E1252473-6306-4d5d-904D-B06AA7F38161}" = PC Suite for Sony Ericsson
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
"{f07b861c-72b9-40a4-8b1a-aaed4c06a7e8}" = QuickTime
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F34D9A5F-484A-4E31-A9D3-908CB265B289}" = Sygate Personal Firewall
"adobe flash player activex" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Aktualizace Windows XP Service Pack" = Aktualizace Windows XP Service Pack 1a
"audacity_is1" = Audacity 1.2.2
"avast!" = avast! Antivirus
"BearShare" = BearShare
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_1039&DEV_7013&SUBSYS_C0131631" = Soft Data Fax Modem with SmartCP
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Deutz Engine" = Deutz Engine
"Doctor Alex" = Doctor Alex
"EAX Unified" = EAX Unified
"FLV Player" = FLV Player 2.0, build 24
"getright" = GetRight
"HControl" = ATK0100 ACPI UTILITY
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"microsoft.net.client.3.5" = Microsoft .NET Framework Client Profile
"microsoft.net.client.3.5.langpack.csy" = Microsoft .NET Framework Client Profile – jazyková sada – CSY
"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)
"mRouterRuntime" =
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NVIDIA Drivers" = NVIDIA Drivers
"Revo Uninstaller" = Revo Uninstaller 1.89
"Sony Ericsson" = Sony Ericsson Symbian 9 Drivers
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 3.19
"Steam App 10" = Counter-Strike
"Steam App 100" = Condition Zero Deleted Scenes
"Steam App 30" = Day of Defeat
"Steam App 40" = Deathmatch Classic
"Steam App 60" = Ricochet
"Steam App 80" = Condition Zero
"sXe_Injected" = sXe Injected
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uniblue RegistryBooster 2009" = Uniblue RegistryBooster 2009
"uniblue speedupmypc 2009" = Uniblue SpeedUpMyPC 2009
"Update Service" = Update Service
"WIC" = Windows Imaging Component
"WinRAR archiver" = WinRAR
"WM Converter 2.0" = WM Converter 2.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Zoner Photo Studio 9_is1" = Zoner Photo Studio 9

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 29.5.2009 10:15:55 | Computer Name = ASUS7 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\WINDOWS\system32\digiwet.dll failed, 00000005.

Error - 30.5.2009 0:39:21 | Computer Name = ASUS7 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\WINDOWS\system32\digiwet.dll failed, 00000005.

Error - 31.5.2009 2:26:54 | Computer Name = ASUS7 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\WINDOWS\system32\digiwet.dll failed, 00000005.

Error - 8.6.2009 10:08:33 | Computer Name = ASUS7 | Source = avast! | ID = 33554522
Description = Nastala interní chyba v modulu basEncodeFileToSubmit failed! , funkce
00000002.

Error - 9.6.2009 10:02:06 | Computer Name = ASUS7 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.aukro.cz/ap/ap_show.php?aid= ... &bid=53713 failed, 00000005.

Error - 9.7.2009 9:12:35 | Computer Name = ASUS7 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: Aavm: FetchGlobalCounters cannot open
mapping - server DOWN???, 00000002.

Error - 15.8.2009 0:48:22 | Computer Name = ASUS7 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: Aavm: FetchGlobalCounters cannot open
mapping - server DOWN???, 00000002.

Error - 9.11.2009 11:55:02 | Computer Name = ASUS7 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://suggestqueries.google.com/comple ... 20qu&cp=11
failed, 0000A413.

Error - 4.7.2010 17:30:21 | Computer Name = | Source = avast! | ID = 33554522
Description = AAVM - chyba při startu: Aavm/RPC: RpcServerUseProtseqEp for LRPC
failed, 0000000E.

Error - 4.7.2010 17:30:21 | Computer Name = | Source = avast! | ID = 33554522
Description = Chyba v aswChestS: chestStart Error 14.

[ Application Events ]
Error - 12.6.2010 16:29:21 | Computer Name = ASUS7 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hl.exe, verze 1.1.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.6.2010 9:17:28 | Computer Name = ASUS7 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Phoebe5.exe, verze 1.20.1.114, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.6.2010 10:27:53 | Computer Name = ASUS7 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Phoebe5.exe, verze 1.20.1.114, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 29.6.2010 9:45:08 | Computer Name = ASUS7 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00000000.

Error - 29.6.2010 11:58:04 | Computer Name = ASUS7 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OUTLOOK.EXE, verze 10.0.2627.1, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 1.7.2010 13:00:51 | Computer Name = ASUS7 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Steam.exe, verze 1.0.843.387, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 3.7.2010 12:58:24 | Computer Name = ASUS7 | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070005 z řádku 44 v d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 3.7.2010 12:58:25 | Computer Name = ASUS7 | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80040206.

Error - 3.7.2010 13:20:54 | Computer Name = ASUS7 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.

Error - 4.7.2010 16:50:28 | Computer Name = ASUS7 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3776, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 4.7.2010 17:30:20 | Computer Name = | Source = EFS | ID = 333681
Description = Služba Plug & Play není připravena. Server EFS se nebude pokoušet
zjistit přerušené šifrovací a dešifrovací operace.

Error - 5.7.2010 9:01:35 | Computer Name = ASUS7 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd

Error - 5.7.2010 11:18:25 | Computer Name = ASUS7 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd

Error - 5.7.2010 11:45:49 | Computer Name = ASUS7 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd

Error - 6.7.2010 3:40:55 | Computer Name = ASUS7 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd

Error - 6.7.2010 13:39:43 | Computer Name = ASUS7 | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\legacy_f-secure_standalone_minifilter\0000 se již v
systému nenachází, přestože nebylo nejdříve připraveno k odebrání.

Error - 6.7.2010 13:42:25 | Computer Name = ASUS7 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd

Error - 6.7.2010 13:51:30 | Computer Name = ASUS7 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd

Error - 6.7.2010 15:18:56 | Computer Name = ASUS7 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd

Error - 7.7.2010 12:19:52 | Computer Name = ASUS7 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd


< End of report >

Re: Problem with short-term CPU usage spikes to 100%

Posted: 07 Jul 2010 20:46
by Caroprd111
Do you recognize:
O4 - HKU\.DEFAULT..\RunOnce: [nlpo_01] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [nlpo_01] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)

:???:


Run OTL and paste the following script into the bottom box.

:OTL
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\netdde.exe -- (NetDDEdsdm)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\netdde.exe -- (NetDDE)
SRV - File not found [Disabled | Stopped] -- -- (iPod Service)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: {DAD0F81A-CF67-4eed-98D6-26F6E47274CA}:1.3
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q="
IE - HKU\S-1-5-21-1993962763-57989841-839522115-1003\..\URLSearchHook: - Reg Error: Key error. File not found
O2 - BHO: (no name) - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - No CLSID value found.
O3 - HKU\S-1-5-21-1993962763-57989841-839522115-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
[2007.10.19 15:02:24 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\msansum^.sys
[2009.12.25 16:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
Click Opravit (Fix); the PC will restart. Paste the log here.

Re: Problem with short-term CPU usage spikes to 100%

Posted: 07 Jul 2010 21:45
by BoneDaddy
New log:

All processes killed
========== OTL ==========
Service NetDDEdsdm stopped successfully!
Service NetDDEdsdm deleted successfully!
File C:\WINDOWS\System32\netdde.exe not found.
Service NetDDE stopped successfully!
Service NetDDE deleted successfully!
File C:\WINDOWS\System32\netdde.exe not found.
Service iPod Service stopped successfully!
Service iPod Service deleted successfully!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File C:\WINDOWS\System32\hidserv.dll not found.
Service Lbd stopped successfully!
Service Lbd deleted successfully!
File C:\WINDOWS\System32\DRIVERS\Lbd.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys not found.
Prefs.js: cs@dictionaries.addons.mozilla.org:1.0.1 removed from extensions.enabledItems
Prefs.js: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3 removed from extensions.enabledItems
Prefs.js: {DAD0F81A-CF67-4eed-98D6-26F6E47274CA}:1.3 removed from extensions.enabledItems
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.1.6&q=" removed from keyword.URL
Registry value HKEY_USERS\S-1-5-21-1993962763-57989841-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1993962763-57989841-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85d1f590-48f4-11d9-9669-0800200c9a66}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully.
File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found not found.
C:\WINDOWS\system32\drivers\msansum^.sys moved successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP folder moved successfully.
Unable to delete ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 .
C:\WINDOWS\048298C9A4D3490B9FF9AB023A9238F3.TMP\WiseCustomCalla.dll deleted successfully.
C:\WINDOWS\048298C9A4D3490B9FF9AB023A9238F3.TMP\WiseCustomCalla2.dll deleted successfully.
C:\WINDOWS\048298C9A4D3490B9FF9AB023A9238F3.TMP\WiseCustomCalla3.dll deleted successfully.
C:\WINDOWS\048298C9A4D3490B9FF9AB023A9238F3.TMP\WiseCustomCalla4.dll deleted successfully.
C:\WINDOWS\048298C9A4D3490B9FF9AB023A9238F3.TMP\WiseCustomCalla5.dll deleted successfully.
C:\WINDOWS\048298C9A4D3490B9FF9AB023A9238F3.TMP\WiseCustomCalla6.dll deleted successfully.
C:\WINDOWS\048298C9A4D3490B9FF9AB023A9238F3.TMP\WiseData.ini deleted successfully.
C:\WINDOWS\048298C9A4D3490B9FF9AB023A9238F3.TMP folder deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 6846 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 3173298 bytes

User: Pavel
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 81628 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 119949195 bytes
->Flash cache emptied: 2655 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 49152 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 735873183 bytes

Total Files Cleaned = 819,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Pavel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.7.1 log created on 07072010_223611

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\_avast4_\Webshlock.txt not found!
C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\Perflib_Perfdata_140.dat moved successfully.

Registry entries deleted on Reboot...


Thank you very much for the help.

Re: Problem with short-term CPU usage spikes to 100%

Posted: 08 Jul 2010 06:32
by Caroprd111
Caroprd111 wrote: Do you recognize:
O4 - HKU\.DEFAULT..\RunOnce: [nlpo_01] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [nlpo_01] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)

:???:

Re: Problem with short-term CPU usage spikes to 100%

Posted: 08 Jul 2010 17:59
by BoneDaddy
Whether I know what program that is or what it is for?

No. :roll:

Also, in Task Manager smc.exe shows a high percentage right when the load is at its highest.

Re: Problem with short-term CPU usage spikes to 100%

Posted: 08 Jul 2010 20:21
by Caroprd111
smc.exe belongs to Sygate Personal Firewall. :)


How is the PC behaving? :???:

Re: Problem with short-term CPU usage spikes to 100%

Posted: 10 Jul 2010 10:36
by BoneDaddy
The laptop still behaves the same. :(

Re: Problem with short-term CPU usage spikes to 100%

Posted: 10 Jul 2010 10:40
by Caroprd111

Re: Problem with short-term CPU usage spikes to 100%

Posted: 17 Jul 2010 10:38
by BoneDaddy
Thank you, here is the log after KVRT:

Autoscan: completed 2 minutes ago (events: 4, objects: 433264, time: 02:16:15)
17.7.2010 9:12:20 Task started
17.7.2010 9:24:46 Detected: Trojan-GameThief.Win32.Lmir.jhm C:\Documents and Settings\Pavel\Dokumenty\Hry\battleships.exe
17.7.2010 9:26:46 Deleted: Trojan-GameThief.Win32.Lmir.jhm C:\Documents and Settings\Pavel\Dokumenty\Hry\battleships.exe
17.7.2010 11:28:35 Task completed

Re: Problem with short-term CPU usage spikes to 100%

Posted: 17 Jul 2010 10:58
by Caroprd111
From a virus standpoint the PC is OK.


Uninstall unused programs.


ComboFix /Uninstall

press Enter



Download T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
  • Run it; to confirm each choice, press the A key, then Enter
  • Delete the program after use. Note that antivirus programs may falsely flag it as a virus.

Download TFC http://oldtimer.geekstogo.com/TFC.exe
  • Run it.
  • Click "Start". Confirm the prompt by clicking "Ok" (a restart will follow)

Download OTC http://oldtimer.geekstogo.com/OTC.exe
  • Run it.
  • Click "CleanUp!". Confirm the prompts by clicking "Yes" (a restart will follow)


Download CCleaner http://viry.cz/forum/viewtopic.php?t=7478
  • Install it, and during installation untick the option to install the Yahoo toolbar.

    Cleaner tab
  • Run Analyze; when it finishes, choose Run Cleaner.

    Registry tab
  • Click Scan for Issues; when it finishes, click Fix Issues. You do not need to make a backup. Then choose Fix All Issues.
    OK, Close

Post a new RSIT log.

Re: Problem with short-term CPU usage spikes to 100%

Posted: 18 Jul 2010 21:17
by BoneDaddy
Everything done; I am attaching a new RSIT log.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavel at 2010-07-18 22:09:48
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 24 GB (25%) free of 95 GB
Total RAM: 1023 MB (59% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ff080d-12a3-439a-a2ef-4ba95a3148e8}]
GetRight IE Download Helper - C:\Programy\GetRight\xx2gr.dll [2007-06-21 246848]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\Programy\Avast\ashDisp.exe [2009-11-25 81000]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-09-23 7286784]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-08-29 102400]
"nwiz"=nwiz.exe /install []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-07-22 81920]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-12 987136]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-08-19 737369]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Programy\Adobe Reader\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Programy\icq\ICQ7.2\ICQ.exe [2010-06-25 133368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite for Smartphones]
C:\Programy\sonyericssonG900\Application Launcher\Application Launcher.exe [2007-12-25 548864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\quicktime task]
C:\Programy\QuickTime\qttask.exe [2006-09-01 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Programy\antivsechno\SAS\SUPERAntiSpyware.exe [2010-06-07 2403568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^nabídka start^programy^po spuštění^lumix simple viewer.lnk]
C:\PROGRA~1\PANASO~1\LUMIXS~1\PHLEAU~1.EXE [2006-09-29 57344]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Programy\antivsechno\SAS\SASWINLO.DLL [2009-09-04 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Programy\antivsechno\SAS\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\HRY\C.S.1.6\hl.exe"="C:\HRY\C.S.1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\HRY\Steam\Steam.exe"="C:\HRY\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
"C:\Programy\sonyericssonG900\update\Update Service\Update Service.exe"="C:\Programy\sonyericssonG900\update\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Programy\sonyericssonG900\Sync Manager\DXP SyncML.exe"="C:\Programy\sonyericssonG900\Sync Manager\DXP SyncML.exe:*:Enabled:DXP SyncML Module"
"C:\Programy\icq\ICQ7.2\ICQ.exe"="C:\Programy\icq\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Programy\icq\ICQ7.2\aolload.exe"="C:\Programy\icq\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Programy\BearShare\BearShare.exe"="C:\Programy\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\HRY\Steam\SteamApps\bonedaddy7\counter-strike\hl.exe"="C:\HRY\Steam\SteamApps\bonedaddy7\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programy\icq\ICQ7.2\ICQ.exe"="C:\Programy\icq\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Programy\icq\ICQ7.2\aolload.exe"="C:\Programy\icq\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-07-18 22:09:16 ----D---- C:\Program Files\trend micro
2010-07-18 22:09:15 ----D---- C:\rsit
2010-07-18 08:37:31 ----A---- C:\WINDOWS\system32\PARTIZAN.TXT
2010-07-18 08:32:25 ----RASHOT---- C:\WINDOWS\winstart.bat
2010-07-06 21:16:13 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
2010-07-06 19:47:48 ----SHD---- C:\RECYCLER
2010-07-06 19:45:42 ----D---- C:\WINDOWS\temp
2010-07-05 15:05:07 ----A---- C:\Boot.bak
2010-07-05 15:04:58 ----RASHD---- C:\cmdcons
2010-07-05 15:02:43 ----D---- C:\WINDOWS\ERDNT
2010-06-29 18:56:22 ----D---- C:\Documents and Settings\Pavel\Data aplikací\VitySoft
2010-06-26 16:32:46 ----D---- C:\Documents and Settings\Pavel\Data aplikací\Malwarebytes
2010-06-26 16:32:16 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-06-26 16:32:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-06-26 16:32:13 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-06-24 20:58:50 ----D---- C:\Documents and Settings\Pavel\Data aplikací\SUPERAntiSpyware.com
2010-06-24 20:58:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2010-06-23 18:37:53 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{D5ABFFAD-D592-4F98-B02B-587125B4801F}

======List of files/folders modified in the last 1 months======

2010-07-18 22:09:45 ----D---- C:\WINDOWS\Prefetch
2010-07-18 22:09:16 ----AD---- C:\Program Files
2010-07-18 22:04:20 ----D---- C:\WINDOWS
2010-07-18 21:59:01 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-07-18 21:56:55 ----SHD---- C:\System Volume Information
2010-07-18 21:56:55 ----D---- C:\WINDOWS\system32\Restore
2010-07-18 20:18:57 ----D---- C:\My Downloads
2010-07-18 13:11:52 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-18 09:15:49 ----D---- C:\Program Files\Mozilla Firefox
2010-07-18 08:52:48 ----D---- C:\WINDOWS\system32\drivers
2010-07-18 08:52:47 ----D---- C:\WINDOWS\system32
2010-07-17 09:09:31 ----HD---- C:\WINDOWS\inf
2010-07-13 14:07:48 ----A---- C:\WINDOWS\NeroDigital.ini
2010-07-06 19:42:12 ----A---- C:\WINDOWS\system.ini
2010-07-06 19:41:52 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-06 19:39:55 ----D---- C:\WINDOWS\system32\config
2010-07-06 19:37:57 ----D---- C:\WINDOWS\AppPatch
2010-07-06 19:37:50 ----D---- C:\Program Files\Common Files
2010-07-06 11:08:41 ----D---- C:\Downloads
2010-07-05 15:11:14 ----SD---- C:\WINDOWS\Tasks
2010-07-05 15:05:07 ----RASH---- C:\boot.ini
2010-07-05 14:59:50 ----D---- C:\Programy
2010-07-05 14:59:23 ----SHD---- C:\WINDOWS\Installer
2010-07-05 14:59:23 ----D---- C:\Config.Msi
2010-07-05 14:59:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-07-05 14:58:59 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-03 19:07:09 ----D---- C:\HRY
2010-06-26 18:04:40 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-06-25 22:09:05 ----D---- C:\Documents and Settings\Pavel\Data aplikací\ICQ
2010-06-24 21:08:50 ----D---- C:\WINDOWS\Debug
2010-06-23 18:36:24 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2010-06-22 20:04:57 ----D---- C:\Program Files\ICQ6Toolbar
2010-06-22 20:03:37 ----D---- C:\WINDOWS\system32\wbem
2010-06-22 20:03:37 ----D---- C:\WINDOWS\Registration
2010-06-22 20:02:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-06-20 12:48:37 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 rimsptsk;rimsptsk; C:\WINDOWS\System32\DRIVERS\rimsptsk.sys [2004-12-06 51328]
R0 risdptsk;risdptsk; C:\WINDOWS\System32\DRIVERS\risdptsk.sys [2005-04-18 27136]
R0 Teefer;Teefer for NT; C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys [2004-10-15 60496]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-09-21 25096]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-09-21 28680]
R1 SASDIFSV;SASDIFSV; \??\C:\Programy\antivsechno\SAS\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Programy\antivsechno\SAS\SASKUTIL.SYS []
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-04 62799]
R1 wpsdrvnt;wpsdrvnt; \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-09-21 33288]
R2 irda;Protokol IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2004-08-04 87424]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\System32\DRIVERS\mdc8021x.sys [2006-11-01 15781]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 wg3n;SyGate for NT, wg3n; C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys [2004-10-15 14568]
R2 wg4n;SyGate for NT, wg4n; C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys [2004-10-15 14568]
R2 wg5n;SyGate for NT, wg5n; C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys [2004-10-15 14568]
R2 wg6n;SyGate for NT, wg6n; C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys [2004-10-15 14568]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-07-26 3644032]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 BCM43XX;ASUS 802.11 ovladač síťového adaptéru; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2005-02-11 371712]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [2005-06-22 1034752]
R3 HSFHWSIS;HSFHWSIS; C:\WINDOWS\System32\DRIVERS\HSFHWSIS.sys [2005-06-22 216320]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\System32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2005-09-23 3522304]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 SynMini;USB2.0 1.3M Web Cam; C:\WINDOWS\System32\Drivers\SynMini.sys [2005-10-03 720470]
R3 SynScan;USB2.0 1.3M Web Cam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2005-10-03 8278]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-08-19 190912]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\System32\DRIVERS\tosporte.sys [2005-03-30 47230]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2005-06-22 716416]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2008-01-15 63360]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-17 60800]
S3 Bridge;Most MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\System32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-17 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-17 61824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-16 2851]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-07-04 98176]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-08 36531]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [2005-06-27 53504]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\System32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-04-06 50048]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-21 34816]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2008-01-15 83200]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2008-01-15 14848]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2008-01-15 109568]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2008-01-15 109568]
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2008-01-15 91264]
S4 s24trans;WLAN Transport; C:\WINDOWS\system32\drivers\s24trans.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-06 697328]
S4 vsdatant;vsdatant; C:\WINDOWS\system32\drivers\vsdatant.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Programy\Avast\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Programy\Avast\ashServ.exe [2009-11-25 138680]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-04-24 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-09-23 143428]
R2 SmcService;Sygate Personal Firewall; C:\Programy\Sygate\smc.exe [2004-10-15 2577632]
R3 avast! Web Scanner;avast! Web Scanner; C:\Programy\Avast\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Programy\Avast\ashMaiSv.exe [2009-11-25 254040]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 fontcache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 Autodata Limited License Service;Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [2007-07-10 72704]

-----------------EOF-----------------


Thank you very much for taking the time to help me with my problem.

Re: Problem with short-term CPU load spikes to 100%

Posted: 19 Jul 2010 11:37
by Caroprd111
Download and save to your desktop http://jpshortstuff.247fixes.com/SystemLook.exe or http://images.malwareremoval.com/jpshor ... emLook.exe
  • Double-click the icon to run the program.
  • Copy the text from the following white box into the white window.

Code:

:contents
C:\WINDOWS\winstart.bat
  • Click Look; when the scan finishes, a log will pop up. Copy it here.
  • The log will also be saved on your desktop in the file SystemLook.txt