Please check, Avira throws alerts at me about 15x within an hour

lybbor
Warning level 2
Posts: 191
Registered: 13 May 2008 20:09
Location: Ostrava

Re: please check, Avira throws alerts at me within an hour about

#16 Post by lybbor »

and now this: C:\RECYCLER\S-1-5-21-1390067357-1123561945-839522115-1004\Dc1.exe

lybbor

Re: please check, Avira throws alerts at me within an hour about

#17 Post by lybbor »

and now this: C:\Documents and Settings\Tatik\Local Settings\temp\0623890.exe

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check, Avira throws alerts at me within an hour about

#18 Post by motji »

So delete that and use the script for ComboFix, then we'll see what's next :)
Do not use COMBOFIX without an adviser's recommendation, the system may be damaged!
Always back up important data before disinfecting the computer :!:

lybbor

Re: please check, Avira throws alerts at me within an hour about

#19 Post by lybbor »

ComboFix 11-01-26.02 - Tatik 28.01.2011 20:39:40.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.675 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tatik\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Tatik\Plocha\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

file zipped: c:\documents and settings\Tatik\Data aplikací\juzjf.exe
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-12-28 do 2011-01-28 )))))))))))))))))))))))))))))))
.

2011-01-28 13:31 . 2011-01-26 14:37 151552 --sha-r- c:\documents and settings\Tatik\Data aplikací\juzjf.exe
2011-01-26 17:47 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-26 17:46 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-25 10:01 . 2011-01-25 10:01 -------- d-----w- c:\program files\Common Files\Skype
2011-01-25 09:44 . 2011-01-28 18:13 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\skypePM
2011-01-25 09:20 . 2011-01-28 18:17 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\Skype
2011-01-25 09:20 . 2011-01-25 10:01 -------- d-----r- c:\program files\Skype
2011-01-25 09:19 . 2011-01-25 10:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype
2011-01-21 13:33 . 2007-09-04 16:56 164352 ----a-w- c:\windows\system32\unrar.dll
2011-01-21 13:33 . 2008-07-04 06:34 860160 ----a-w- c:\windows\system32\lameACM.acm
2011-01-21 13:33 . 2007-09-21 00:52 118784 ----a-w- c:\windows\system32\ac3acm.acm
2011-01-21 13:33 . 2008-01-10 12:16 159839 ----a-w- c:\windows\system32\xvidvfw.dll
2011-01-21 13:33 . 2008-01-10 12:15 755027 ----a-w- c:\windows\system32\xvidcore.dll
2011-01-21 13:33 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2011-01-21 13:33 . 2008-05-30 23:22 683520 ----a-w- c:\windows\system32\divx.dll
2011-01-21 13:33 . 2008-05-22 22:22 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2011-01-21 13:33 . 2008-05-22 22:19 81920 ----a-w- c:\windows\system32\dpl100.dll
2011-01-21 13:33 . 2008-06-12 18:36 7680 ----a-w- c:\windows\system32\ff_vfw.dll
2011-01-21 13:33 . 2011-01-21 13:33 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-01-21 13:13 . 2009-06-25 12:20 1446264 ----a-w- c:\program files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
2011-01-21 13:06 . 2011-01-21 13:07 -------- d-----w- c:\program files\FLVPlayer4Free
2011-01-10 21:00 . 2008-08-18 10:39 117760 ----a-w- c:\windows\system32\hpzll64X.dll
2011-01-10 21:00 . 2008-08-18 10:39 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp64X.dll
2011-01-10 11:45 . 2011-01-10 11:45 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\Malwarebytes
2011-01-10 11:45 . 2011-01-10 11:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-01-10 11:45 . 2011-01-26 17:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-10 11:35 . 2011-01-10 11:35 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\Tracker Software
2011-01-10 11:33 . 2011-01-10 11:38 -------- d-----w- c:\program files\Tracker Software
2011-01-10 10:58 . 2001-09-10 04:47 103344 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-01-10 10:58 . 2011-01-10 10:58 -------- d-----w- c:\windows\Profiles
2011-01-10 10:58 . 2001-09-10 04:47 103344 ------w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2011-01-10 10:58 . 2011-01-10 10:58 -------- d-----w- c:\windows\system32\Adobe
2011-01-10 10:58 . 2011-01-10 10:58 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\InterTrust
2011-01-09 16:23 . 2011-01-09 16:23 -------- d-----w- c:\documents and settings\Tatik\Local Settings\Data aplikací\HP
2011-01-09 15:55 . 2011-01-09 15:55 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\HP
2011-01-09 15:55 . 2011-01-09 15:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\WEBREG
2011-01-09 15:54 . 2009-08-26 21:41 16496 ----a-w- c:\windows\system32\drivers\HPZipr12.sys
2011-01-09 15:54 . 2009-08-26 21:41 49920 ----a-w- c:\windows\system32\drivers\HPZid412.sys
2011-01-09 15:54 . 2011-01-09 15:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Hewlett-Packard
2011-01-09 15:54 . 2010-05-06 10:51 271704 ----a-w- c:\windows\system32\hpzids01.dll
2011-01-09 15:53 . 2007-03-28 13:01 117760 ----a-w- c:\windows\system32\hpzll5ha.dll
2011-01-09 15:53 . 2007-03-28 12:57 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5ha.dll
2011-01-09 15:53 . 2009-08-26 21:40 21568 ----a-w- c:\windows\system32\drivers\HPZius12.sys
2011-01-09 15:53 . 2007-03-16 17:11 675840 ----a-r- c:\windows\system32\hpowiax3.dll
2011-01-09 15:53 . 2007-03-16 17:11 303104 ----a-r- c:\windows\system32\hpovst10.dll
2011-01-09 15:53 . 2007-03-16 17:11 569344 ----a-r- c:\windows\system32\hpotscl3.dll
2011-01-09 15:53 . 2007-03-07 05:20 364544 ----a-r- c:\windows\system32\hppldcoi.dll
2011-01-09 15:53 . 2007-03-07 05:20 309760 ----a-r- c:\windows\system32\difxapi.dll
2011-01-09 15:53 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2011-01-09 15:53 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2011-01-09 15:50 . 2011-01-09 15:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\HP
2011-01-09 15:50 . 2011-01-09 15:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\HP Product Assistant
2011-01-09 15:50 . 2011-01-09 15:50 -------- d-----w- c:\program files\Common Files\HP
2011-01-09 15:49 . 2011-01-09 15:49 -------- d-----w- c:\program files\Hewlett-Packard
2011-01-09 15:49 . 2011-01-09 15:49 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2011-01-09 15:48 . 2011-01-27 15:18 -------- dc----w- c:\windows\system32\DRVSTORE
2011-01-09 15:48 . 2011-01-09 15:52 -------- d-----w- c:\program files\HP
2011-01-09 15:48 . 2008-04-13 18:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-01-09 15:48 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-01-09 15:48 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2011-01-09 15:48 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2011-01-08 09:20 . 2011-01-08 09:20 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\DAEMON Tools
2011-01-08 09:20 . 2011-01-08 09:20 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\DAEMON Tools Pro
2011-01-08 09:19 . 2011-01-08 09:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2011-01-08 09:18 . 2011-01-08 09:19 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-08 09:16 . 2011-01-08 09:16 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-01-08 09:16 . 2011-01-08 09:16 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\DAEMON Tools Lite
2011-01-08 09:14 . 2011-01-08 09:14 -------- d-----w- c:\program files\PowerISO
2011-01-03 08:14 . 2011-01-03 08:29 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\uTorrent
2011-01-03 08:14 . 2011-01-03 08:14 -------- d-----w- c:\program files\uTorrent

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-23 14:03 . 2010-12-10 15:11 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-12-18 20:47 . 2010-12-18 20:47 130287653 ----a-w- c:\program files\TrackPack1_2011.exe
2010-11-30 17:13 . 2010-12-10 15:11 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-11-18 18:15 . 2010-12-10 12:33 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 17:53 . 2010-12-10 20:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 15:34 . 2010-12-10 20:26 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2002-09-23 10:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2002-09-23 10:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2002-09-23 10:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2002-09-23 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2010-12-10 13:17 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2002-09-23 10:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
.

((((((((((((((((((((((((((((( SnapShot@2011-01-27_15.02.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-28 19:48 . 2011-01-28 19:48 16384 c:\windows\temp\Perflib_Perfdata_5b4.dat
+ 2011-01-27 15:18 . 2007-03-07 05:20 21568 c:\windows\system32\ReinstallBackups\0021\DriverFiles\drivers\dot4\Win2000\HPZius12.sys
+ 2011-01-27 15:17 . 2007-03-07 05:20 49920 c:\windows\system32\ReinstallBackups\0020\DriverFiles\drivers\dot4\Win2000\HPZid412.sys
+ 2011-01-27 15:17 . 2007-03-07 05:20 16496 c:\windows\system32\ReinstallBackups\0010\DriverFiles\drivers\dot4\Win2000\HPZipr12.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 16800 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\drivers\dot4\WinxP\Hppaufd0.sys
+ 2011-01-27 15:18 . 2009-08-26 21:40 21568 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\drivers\dot4\Win2000\HPZius12.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 16496 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\drivers\dot4\Win2000\hpzipr12.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 49920 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\drivers\dot4\Win2000\hpzid412.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 16496 c:\windows\system32\DRVSTORE\hpzipr13_CD5CA4CB29ADB232F99F8FED9E460786C54C550B\drivers\dot4\Win2000\HPZipr12.sys
+ 2011-01-27 15:18 . 2009-08-26 21:40 21568 c:\windows\system32\DRVSTORE\hpzipa13_99C8813AD9F4913625B2CC4BFB0FDAA506DFB85D\drivers\dot4\Win2000\HPZius12.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 16496 c:\windows\system32\DRVSTORE\hpzipa13_99C8813AD9F4913625B2CC4BFB0FDAA506DFB85D\drivers\dot4\Win2000\HPzipr12.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 49920 c:\windows\system32\DRVSTORE\hpzipa13_99C8813AD9F4913625B2CC4BFB0FDAA506DFB85D\drivers\dot4\Win2000\HPZid412.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 49920 c:\windows\system32\DRVSTORE\hpzid413_7226AAA8FE761A362CC9574215E1967F204EB3BF\drivers\dot4\Win2000\HPZid412.sys
+ 2011-01-27 15:18 . 2007-03-07 05:20 364544 c:\windows\system32\ReinstallBackups\0021\DriverFiles\drivers\dot4\Win2000\hppldcoi.dll
+ 2011-01-27 15:18 . 2007-03-07 05:20 309760 c:\windows\system32\ReinstallBackups\0021\DriverFiles\drivers\dot4\Win2000\difxapi.dll
+ 2011-01-27 15:18 . 2009-08-26 21:39 286720 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\HPZc3212.dll
+ 2011-01-27 15:18 . 2009-08-26 21:40 372736 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\drivers\dot4\Win2000\hppldcoi.dll
+ 2011-01-27 15:18 . 2009-08-26 21:40 309760 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\drivers\dot4\Win2000\difxapi.dll
+ 2011-01-27 15:18 . 2009-08-26 21:39 286720 c:\windows\system32\DRVSTORE\hpzipa13_99C8813AD9F4913625B2CC4BFB0FDAA506DFB85D\HPZc3212.dll
+ 2011-01-27 15:18 . 2009-08-26 21:40 372736 c:\windows\system32\DRVSTORE\hpzipa13_99C8813AD9F4913625B2CC4BFB0FDAA506DFB85D\drivers\dot4\Win2000\hppldcoi.dll
+ 2011-01-27 15:18 . 2009-08-26 21:40 309760 c:\windows\system32\DRVSTORE\hpzipa13_99C8813AD9F4913625B2CC4BFB0FDAA506DFB85D\drivers\dot4\Win2000\difxapi.dll
+ 2011-01-27 15:18 . 2009-08-26 21:40 3189760 c:\windows\system32\DRVSTORE\hpc3530c_0F9097B9DD2DBAEA413DCF848ED9640191CB76FE\hpbcfgre.DLL
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-30 281768]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-05-05 153672]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Tatik\Nabídka Start\Programy\Po spuštění\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\BlueSoleil.lnk
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\rFactor\\rfactor.exe"=
"c:\\Program Files\\rFactor\\rFactor Dedicated.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"d:\\hry\\FarCry bojovka\\Bin32\\FarCry.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Product Assistant\\bin\\hprbui.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8.1.2011 10:16 717296]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [10.12.2010 16:11 135336]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [10.12.2010 17:08 246520]
R3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.sys [24.2.2005 12:29 162176]
S2 mfsskbbuauye;Crystal Report Application Server;c:\windows\system32\dohoo.exe --> c:\windows\system32\dohoo.exe [?]
S3 FlashUSB;FlashUSB;c:\windows\system32\drivers\FlashUSB.sys [27.12.2010 12:47 16896]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys --> c:\windows\system32\Drivers\RTS5121.sys [?]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 viafilter;VIA USB Filter;c:\windows\system32\drivers\viausb1.sys [10.12.2010 22:52 9728]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Doplňkový sken -------
.
IE: &Download All using 4shared Desktop - c:\program files\4shared Desktop\down_all.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Tatik\Data aplikací\Mozilla\Firefox\Profiles\53jjrjh8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-28 20:48
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(2064)
c:\program files\NVIDIA Corporation\nView\nview.dll
c:\program files\NVIDIA Corporation\nView\NVWRSCS.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\rundll32.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\System32\PAStiSvc.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Celkový čas: 2011-01-28 20:52:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-28 19:52
ComboFix2.txt 2011-01-28 18:56
ComboFix3.txt 2011-01-27 15:04

Před spuštěním: Volných bajtů: 61 000 048 640
Po spuštění: Volných bajtů: 60 994 695 168

- - End Of File - - 4A17E1A0E90D9B524DE431548EDC47DB

lybbor

Re: please check, Avira throws alerts at me within an hour about

#20 Post by lybbor »

This time the window "The profile could not be found" did not pop up. This message used to pop up when I started the PC. Avira is also quiet so far.

motji

Re: please check, Avira throws alerts at me within an hour about

#21 Post by motji »

It's still pretty wild over there :o

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- tick the All users box.
- tick the "LOP" malware check and "Purity" malware check boxes
- click the Scan button
- after the scan finishes, the OTL.Txt and Extras.txt logs will appear, paste them here :)

lybbor

Re: please check, Avira throws alerts at me within an hour about

#22 Post by lybbor »

OTL Extras logfile created on: 29.1.2011 17:10:24 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Tatik\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 662,00 Mb Available Physical Memory | 65,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 56,85 Gb Free Space | 76,29% Space Free | Partition Type: NTFS
Drive D: | 186,31 Gb Total Space | 19,84 Gb Free Space | 10,65% Space Free | Partition Type: NTFS

Computer Name: LYBBOR | User Name: Tatik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1390067357-1123561945-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Prozkoumat v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Program Files\rFactor\rfactor.exe" = C:\Program Files\rFactor\rfactor.exe:*:Enabled:rFactor -- (Image Space Incorporated)
"C:\Program Files\rFactor\rFactor Dedicated.exe" = C:\Program Files\rFactor\rFactor Dedicated.exe:*:Enabled:rFactor -- (Image Space Incorporated)
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\hry\FarCry bojovka\Bin32\FarCry.exe" = D:\hry\FarCry bojovka\Bin32\FarCry.exe:*:Enabled:Far Cry -- (Crytek)
"C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprbui.exe" = C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprbui.exe:*:Enabled:HP Product Assistant -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:HP Photosmart Essential 2.01 -- (Hewlett-Packard Development Co. L.P.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39DB116F-E088-486F-B13C-8925ECE7A6E5}" = 3D Sound Back Beta0.1
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{4EDD761B-5253-4CD1-A309-9DFEE960E344}" = Logitech Gaming Software 5.09
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{6059C682-4C5F-4106-8487-943E98225D3B}" = LG MC USB Modem driver
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = USB2.0 Card Reader Software
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}" = F4100_Help
"{A6C265BE-E2C1-483e-843D-6B4C1E912AE0}" = F4100
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4509BCE-7BAD-4a8c-B1AE-4D0CE7467C42}" = F4100_doccd
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C765D9FF-4A34-4BF1-9F91-E9A3C60C86FC}" = ArcSoft VideoImpression 2
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F6CE1230-A694-4B86-B21C-A11A112689DA}" = Trust WB-1400T Webcam
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FFD44E90-AEA4-4D25-AF53-5CE2723E88DA}" = MarketingReg
"µTorrent CZ_is1" = µTorrent CZ 1.8.1 (build 12639)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0 CE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"AnvSoft Photo Flash Maker Free" = AnvSoft Photo Flash Maker Free 5.30
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 3.7.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BFGC" = Big Fish Games: Game Manager
"CCleaner" = CCleaner (remove only)
"C-Media PCI Sound" = C-Media PCI Audio Device
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FLVPlayer" = FLV Player 1.3.3
"FLVPlayer4Free Free FLV Player_is1" = FLVPlayer4Free Free FLV Player 1.3.0.0
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"InstallShield_{F6CE1230-A694-4B86-B21C-A11A112689DA}" = Trust WB-1400T Webcam
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Nero Cz_is1" = Nero 6.6.0.18 a Nero vision express 3.1.0.21 Cz
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PowerISO" = PowerISO
"QIP2005" = QIP 2005 Uninstall
"RADVideo" = RAD Video Tools
"rajče.net_is1" = rajče verze 57 sestavení 190
"rFactor" = rFactor (remove only)
"Spotter Plugin_is1" = Spotter Plugin 1.11
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.95.4

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1390067357-1123561945-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Red Bull Ring 2010 - The Prologue" = Red Bull Ring 2010 - The Prologue

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28.1.2011 9:04:56 | Computer Name = LYBBOR | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 28.1.2011 9:41:12 | Computer Name = LYBBOR | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 28.1.2011 14:13:35 | Computer Name = LYBBOR | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 28.1.2011 14:43:05 | Computer Name = LYBBOR | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 28.1.2011 15:05:25 | Computer Name = LYBBOR | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 28.1.2011 15:18:28 | Computer Name = LYBBOR | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 28.1.2011 15:37:00 | Computer Name = LYBBOR | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 28.1.2011 15:48:35 | Computer Name = LYBBOR | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 28.1.2011 16:37:09 | Computer Name = LYBBOR | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 29.1.2011 7:09:05 | Computer Name = LYBBOR | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

[ System Events ]
Error - 28.1.2011 14:44:25 | Computer Name = LYBBOR | Source = Service Control Manager | ID = 7034
Description = Služba BlueSoleil Hid Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 28.1.2011 15:30:28 | Computer Name = LYBBOR | Source = Service Control Manager | ID = 7034
Description = Služba BlueSoleil Hid Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 28.1.2011 15:38:21 | Computer Name = LYBBOR | Source = Service Control Manager | ID = 7034
Description = Služba BlueSoleil Hid Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 28.1.2011 15:39:13 | Computer Name = LYBBOR | Source = Service Control Manager | ID = 7034
Description = Služba STI Simulator byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 28.1.2011 15:39:13 | Computer Name = LYBBOR | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 28.1.2011 15:39:13 | Computer Name = LYBBOR | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 28.1.2011 15:39:13 | Computer Name = LYBBOR | Source = Service Control Manager | ID = 7034
Description = Služba ICQ Service byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 28.1.2011 15:39:13 | Computer Name = LYBBOR | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 28.1.2011 15:39:13 | Computer Name = LYBBOR | Source = Service Control Manager | ID = 7034
Description = Služba Adaptér výkonu služby WMI byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 28.1.2011 15:39:13 | Computer Name = LYBBOR | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.


< End of report >

OTL logfile created on: 29.1.2011 17:10:24 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Tatik\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 662,00 Mb Available Physical Memory | 65,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 56,85 Gb Free Space | 76,29% Space Free | Partition Type: NTFS
Drive D: | 186,31 Gb Total Space | 19,84 Gb Free Space | 10,65% Space Free | Partition Type: NTFS

Computer Name: LYBBOR | User Name: Tatik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.29 16:59:00 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tatik\Plocha\OTL.exe
PRC - [2010.11.30 18:13:26 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.30 18:13:16 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.11.30 18:13:16 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.01.14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.04.06 16:03:28 | 000,110,592 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2005.01.14 09:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe


========== Modules (SafeList) ==========

MOD - [2011.01.29 16:59:00 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tatik\Plocha\OTL.exe
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010.07.09 16:24:26 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2010.07.07 23:54:56 | 000,293,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\nView\NVWRSCS.dll
MOD - [2010.07.07 23:52:42 | 002,307,688 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (mfsskbbuauye)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010.11.30 18:13:26 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.11.30 18:13:16 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2005.04.06 16:03:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2005.01.14 09:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)


========== Driver Services (SafeList) ==========

DRV - [2011.01.08 10:16:49 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.12.23 15:03:01 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.30 18:13:39 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.10.21 09:45:18 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.10.21 09:45:16 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.10.21 09:45:16 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.07.10 05:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010.06.17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010.05.12 12:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2010.04.27 16:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2010.04.27 16:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2010.04.27 16:57:24 | 000,031,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2010.04.27 16:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010.04.27 14:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009.03.25 14:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009.03.18 11:34:44 | 001,512,960 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmudax3.sys -- (cmuda3)
DRV - [2008.11.02 09:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008.04.13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2005.05.31 15:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005.05.31 09:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005.04.30 14:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005.04.30 14:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005.04.30 14:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005.03.25 17:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2005.02.24 12:29:14 | 000,162,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PFC027.sys -- (PAC207)
DRV - [2004.10.19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003.09.19 15:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001.09.19 13:28:50 | 000,009,728 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\viausb1.sys -- (viafilter)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)


IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1390067357-1123561945-839522115-1004\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tatik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1390067357-1123561945-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.21 14:13:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.21 14:13:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.01.06 11:48:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.01.10 12:37:38 | 000,000,000 | ---D | M]

[2010.12.19 10:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tatik\Data aplikací\Mozilla\Extensions
[2010.12.19 10:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tatik\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.01.29 12:19:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tatik\Data aplikací\Mozilla\Firefox\Profiles\53jjrjh8.default\extensions
[2010.12.19 09:52:32 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Documents and Settings\Tatik\Data aplikací\Mozilla\Firefox\Profiles\53jjrjh8.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2011.01.08 10:18:52 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\Tatik\Data aplikací\Mozilla\Firefox\Profiles\53jjrjh8.default\searchplugins\daemon-search.xml
[2011.01.29 12:19:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.01.25 11:01:42 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\TATIK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\53JJRJH8.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}
[2010.12.10 21:26:37 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.12.10 22:33:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2009.11.03 02:45:38 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.11.03 02:45:38 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.11.03 02:45:38 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.11.03 02:45:38 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.11.03 02:45:38 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

lybbor
2nd Warning Level
Posts: 191
Joined: 13 May 2008 20:09
Location: Ostrava

Re: please check, Avira throws alerts at me within an hour about

#23 Post by lybbor »

Continued

O1 HOSTS File: ([2011.01.28 20:48:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tatik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1390067357-1123561945-839522115-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\Tatik\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1390067357-1123561945-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1390067357-1123561945-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1390067357-1123561945-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1390067357-1123561945-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1390067357-1123561945-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 1985722484 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Tatik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tatik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.12.10 13:36:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308550258917376)

========== Files/Folders - Created Within 30 Days ==========

[2011.01.29 16:58:59 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tatik\Plocha\OTL.exe
[2011.01.28 20:46:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.01.27 15:44:38 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.01.27 15:42:55 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.01.27 15:42:55 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.01.27 15:42:55 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.01.27 15:42:55 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.01.26 20:19:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Tatik\Recent
[2011.01.26 18:47:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.01.26 18:47:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.01.26 18:46:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.01.25 11:01:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2011.01.25 11:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.01.25 10:44:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Data aplikací\skypePM
[2011.01.25 10:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Data aplikací\Skype
[2011.01.25 10:20:01 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.01.25 10:19:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Skype
[2011.01.24 10:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Plocha\skiny
[2011.01.23 18:53:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Dokumenty\My 4shared Sync
[2011.01.23 11:01:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\NVIDIA Corporation
[2011.01.21 14:33:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\K-Lite Codec Pack
[2011.01.21 14:33:09 | 000,860,160 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2011.01.21 14:33:09 | 000,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2011.01.21 14:33:08 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2011.01.21 14:33:07 | 000,683,520 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2011.01.21 14:33:07 | 000,081,920 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2011.01.21 14:33:03 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2011.01.21 14:20:13 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011.01.21 14:06:47 | 000,000,000 | ---D | C] -- C:\Program Files\FLVPlayer4Free
[2011.01.21 14:06:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\FLVPlayer4Free
[2011.01.21 13:07:36 | 000,974,336 | ---- | C] (Share-rapid.com) -- C:\Documents and Settings\Tatik\Plocha\SRDownloader.exe
[2011.01.10 22:00:54 | 000,117,760 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpzll64X.dll
[2011.01.10 12:45:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Data aplikací\Malwarebytes
[2011.01.10 12:45:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.01.10 12:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.01.10 12:35:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Data aplikací\Tracker Software
[2011.01.10 12:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2011.01.10 11:58:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Profiles
[2011.01.10 11:58:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Dokumenty\My eBooks
[2011.01.10 11:58:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Data aplikací\InterTrust
[2011.01.10 11:58:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2011.01.09 17:23:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Local Settings\Data aplikací\HP
[2011.01.09 17:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Dokumenty\Moje naskenované obrázky
[2011.01.09 16:55:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Data aplikací\HP
[2011.01.09 16:55:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\WEBREG
[2011.01.09 16:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Hewlett-Packard
[2011.01.09 16:54:00 | 000,271,704 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzids01.dll
[2011.01.09 16:53:58 | 000,117,760 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpzll5ha.dll
[2011.01.09 16:53:34 | 000,675,840 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpowiax3.dll
[2011.01.09 16:53:34 | 000,569,344 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpotscl3.dll
[2011.01.09 16:53:34 | 000,364,544 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hppldcoi.dll
[2011.01.09 16:53:34 | 000,309,760 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2011.01.09 16:53:34 | 000,303,104 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst10.dll
[2011.01.09 16:53:33 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2011.01.09 16:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\HPSSUPPLY
[2011.01.09 16:50:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HP
[2011.01.09 16:50:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\HP Product Assistant
[2011.01.09 16:50:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\HP
[2011.01.09 16:50:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2011.01.09 16:49:57 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2011.01.09 16:49:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2011.01.09 16:48:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011.01.09 16:48:20 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2011.01.09 16:48:15 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2011.01.09 16:48:11 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2011.01.08 10:20:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Data aplikací\DAEMON Tools Pro
[2011.01.08 10:20:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Data aplikací\DAEMON Tools
[2011.01.08 10:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.01.08 10:18:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\DAEMON Tools Lite
[2011.01.08 10:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011.01.08 10:16:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Data aplikací\DAEMON Tools Lite
[2011.01.08 10:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\PowerISO
[2011.01.08 10:14:24 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2011.01.07 08:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Nabídka Start\Programy\Red Bull Ring 2010 - The Prologue
[2011.01.03 09:14:35 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011.01.03 09:14:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tatik\Data aplikací\uTorrent
[2011.01.03 09:14:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\uTorrent
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.29 17:03:45 | 000,012,246 | ---- | M] () -- C:\Documents and Settings\Tatik\Plocha\Oprava F1.rar
[2011.01.29 16:59:00 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tatik\Plocha\OTL.exe
[2011.01.29 12:08:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.28 21:32:01 | 000,001,768 | -H-- | M] () -- C:\Documents and Settings\Tatik\Dokumenty\Default.rdp
[2011.01.28 20:48:02 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.01.28 20:39:26 | 000,001,192 | ---- | M] () -- C:\CF-Submit.htm
[2011.01.28 19:13:12 | 000,001,488 | ---- | M] () -- C:\WINDOWS\VehVwr.INI
[2011.01.27 20:25:45 | 000,000,549 | ---- | M] () -- C:\WINDOWS\System\Cmicnfg3.ini
[2011.01.27 16:16:31 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.27 15:44:46 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011.01.27 15:38:00 | 004,161,188 | R--- | M] () -- C:\Documents and Settings\Tatik\Plocha\ComboFix.exe
[2011.01.26 20:33:55 | 000,000,030 | ---- | M] () -- C:\WINDOWS\TextSpy.ini
[2011.01.26 15:37:29 | 000,151,552 | RHS- | M] () -- C:\Documents and Settings\Tatik\Data aplikací\juzjf.exe
[2011.01.25 10:44:45 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.01.24 10:56:23 | 000,678,326 | ---- | M] () -- C:\Documents and Settings\Tatik\Plocha\skiny.rar
[2011.01.23 16:25:22 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\Tatik\Plocha\Microsoft Office Word 2007.lnk
[2011.01.23 09:29:32 | 000,003,304 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.01.23 09:00:52 | 000,000,228 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2011.01.21 14:22:39 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.01.21 14:19:59 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011.01.21 14:19:59 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011.01.21 13:20:26 | 000,000,848 | ---- | M] () -- C:\Documents and Settings\Tatik\Local Settings\Data aplikací\SRDownloader.nast
[2011.01.21 13:19:04 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\Tatik\Local Settings\Data aplikací\SRDownloader.err
[2011.01.21 13:07:38 | 000,974,336 | ---- | M] (Share-rapid.com) -- C:\Documents and Settings\Tatik\Plocha\SRDownloader.exe
[2011.01.20 13:15:15 | 000,000,217 | ---- | M] () -- C:\WINDOWS\3DSIMED.INI
[2011.01.20 11:20:26 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\Tatik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.12 07:37:08 | 000,002,413 | ---- | M] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2011.01.11 18:53:03 | 000,001,034 | ---- | M] () -- C:\Documents and Settings\Tatik\Plocha\LGMobile update.lnk
[2011.01.10 22:07:39 | 000,000,000 | ---- | M] () -- C:\WINDOWS\hpqEmlSz.INI
[2011.01.09 16:55:39 | 000,159,791 | ---- | M] () -- C:\WINDOWS\hpoins14.dat
[2011.01.09 16:51:12 | 000,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
[2011.01.08 10:16:49 | 000,717,296 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2011.01.08 10:12:32 | 000,000,614 | ---- | M] () -- C:\Documents and Settings\Tatik\Plocha\Zástupce - FarCry.lnk
[2011.01.06 10:43:21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.29 17:03:44 | 000,012,246 | ---- | C] () -- C:\Documents and Settings\Tatik\Plocha\Oprava F1.rar
[2011.01.28 20:39:26 | 000,001,192 | ---- | C] () -- C:\CF-Submit.htm
[2011.01.28 14:31:17 | 000,151,552 | RHS- | C] () -- C:\Documents and Settings\Tatik\Data aplikací\juzjf.exe
[2011.01.27 15:44:46 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.01.27 15:44:42 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2011.01.27 15:42:55 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.01.27 15:42:55 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.01.27 15:42:55 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.01.27 15:42:55 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.01.27 15:42:55 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.01.27 15:41:34 | 004,161,188 | R--- | C] () -- C:\Documents and Settings\Tatik\Plocha\ComboFix.exe
[2011.01.26 15:38:32 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Tatik\Data aplikací\HhdFJl61DD.txt
[2011.01.26 15:38:32 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Tatik\Data aplikací\Bgm7fGCGHJ.txt
[2011.01.26 15:37:30 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Tatik\Data aplikací\IK6fDMGl71.txt
[2011.01.25 10:44:45 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.01.24 10:56:22 | 000,678,326 | ---- | C] () -- C:\Documents and Settings\Tatik\Plocha\skiny.rar
[2011.01.21 14:33:12 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011.01.21 14:33:10 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2011.01.21 14:33:08 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.01.21 14:33:08 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.01.21 14:33:07 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2011.01.21 14:33:05 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.01.21 13:17:02 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Tatik\Local Settings\Data aplikací\SRDownloader.err
[2011.01.14 23:23:48 | 000,000,217 | ---- | C] () -- C:\WINDOWS\3DSIMED.INI
[2011.01.14 23:22:23 | 000,001,488 | ---- | C] () -- C:\WINDOWS\VehVwr.INI
[2011.01.10 22:07:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2011.01.10 11:58:48 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Acrobat Reader 5.0 CE.lnk
[2011.01.09 16:51:12 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
[2011.01.09 16:45:46 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2011.01.09 16:45:43 | 000,159,791 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2011.01.09 16:45:43 | 000,002,000 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat
[2011.01.08 10:16:49 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2011.01.08 10:12:32 | 000,000,614 | ---- | C] () -- C:\Documents and Settings\Tatik\Plocha\Zástupce - FarCry.lnk
[2011.01.06 10:43:21 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.12.28 18:01:34 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2010.12.27 12:12:55 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2010.12.27 12:12:55 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2010.12.24 21:05:13 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2010.12.24 21:05:13 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2010.12.21 15:55:24 | 000,000,848 | ---- | C] () -- C:\Documents and Settings\Tatik\Local Settings\Data aplikací\SRDownloader.nast
[2010.12.18 21:47:13 | 130,287,653 | ---- | C] () -- C:\Program Files\TrackPack1_2011.exe
[2010.12.18 21:46:44 | 130,184,229 | ---- | C] () -- C:\Program Files\TrackPack1_2011.rar
[2010.12.12 17:03:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010.12.12 15:16:02 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.11 17:07:52 | 000,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.ini
[2010.12.11 16:58:31 | 000,000,580 | ---- | C] () -- C:\WINDOWS\setup.ini.nco
[2010.12.11 16:58:30 | 000,002,638 | ---- | C] () -- C:\WINDOWS\cmaudio.ini.nco
[2010.12.11 16:25:31 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\CMRMDRV3.DLL
[2010.12.10 22:49:04 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2010.12.10 21:46:56 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Tatik\Local Settings\Data aplikací\fusioncache.dat
[2010.12.10 18:36:58 | 000,000,228 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010.12.10 16:04:00 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2010.12.10 15:40:49 | 000,000,198 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfl
[2010.12.10 15:40:07 | 000,001,480 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfg
[2010.12.10 15:40:06 | 000,002,421 | ---- | C] () -- C:\WINDOWS\cmudax3.ini
[2010.12.10 15:30:44 | 000,003,304 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2010.12.10 14:27:06 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.12.10 13:42:50 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Tatik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.02.24 12:29:14 | 000,162,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PFC027.sys
[2005.01.25 15:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL

========== LOP Check ==========

[2010.12.24 21:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Bluetooth
[2011.01.08 10:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.12.10 17:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.01.11 18:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LGMOBILEAX
[2011.01.21 14:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.12.27 13:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Any DVD Converter Professional
[2010.12.27 15:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Boomzap
[2010.12.10 16:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\CheckPoint
[2011.01.08 10:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\DAEMON Tools
[2011.01.08 10:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\DAEMON Tools Lite
[2011.01.08 10:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\DAEMON Tools Pro
[2010.12.10 17:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\ICQ
[2011.01.10 11:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\InterTrust
[2010.12.11 21:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\IObit
[2010.12.24 20:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\LG Electronics
[2010.12.10 16:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\QIP
[2010.12.10 16:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Thunderbird
[2011.01.10 12:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Tracker Software
[2011.01.03 09:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\uTorrent
[2010.12.31 16:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\XnView

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.01.23 20:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Adobe
[2010.12.27 13:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Any DVD Converter Professional
[2010.12.10 16:15:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Avira
[2010.12.27 15:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Boomzap
[2010.12.10 16:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\CheckPoint
[2011.01.08 10:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\DAEMON Tools
[2011.01.08 10:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\DAEMON Tools Lite
[2011.01.08 10:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\DAEMON Tools Pro
[2011.01.09 16:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\HP
[2010.12.10 17:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\ICQ
[2010.12.10 13:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Identities
[2011.01.10 11:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\InterTrust
[2010.12.11 21:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\IObit
[2010.12.24 20:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\LG Electronics
[2010.12.10 15:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Macromedia
[2011.01.10 12:45:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Malwarebytes
[2011.01.09 18:00:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Tatik\Data aplikací\Microsoft
[2010.12.19 09:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Mozilla
[2010.12.10 16:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\QIP
[2011.01.28 21:38:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Skype
[2011.01.28 19:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\skypePM
[2010.12.10 21:26:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Sun
[2010.12.10 16:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Thunderbird
[2011.01.10 12:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\Tracker Software
[2011.01.03 09:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\uTorrent
[2010.12.10 15:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\WinRAR
[2010.12.31 16:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tatik\Data aplikací\XnView

< %APPDATA%\*.exe /s >
[2011.01.26 15:37:29 | 000,151,552 | RHS- | M] () -- C:\Documents and Settings\Tatik\Data aplikací\juzjf.exe


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.12.10 14:50:52 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2010.12.10 14:50:52 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\AGP440.SYS
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\AGP440.SYS
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2001.08.17 21:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\backup\agp440.sys

< MD5 for: ATAPI.SYS >
[2002.09.23 11:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.12.10 14:50:52 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2010.12.10 14:50:52 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\atapi.sys

< MD5 for: CDROM.SYS >
[2002.09.23 11:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010.12.10 14:50:52 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2010.12.10 14:50:52 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2002.09.23 11:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=031E7FF41B13B658CAE7D6C98086F76A -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\backup\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2002.09.23 11:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=E8508E7F865490D8AE71D00C8DF4D227 -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\backup\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2002.09.23 11:00:00 | 001,004,544 | ---- | M] (Microsoft Corporation) MD5=11D80755545CFB5EB9659EE88440EAE2 -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\backup\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2002.09.23 11:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010.12.10 14:50:52 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2010.12.10 14:50:52 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2002.08.29 01:05:06 | 000,101,376 | ---- | M] (Microsoft Corporation) MD5=14899FB16E1263BDC6E17AEC0A69BB97 -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\backup\hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 22:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2010.12.10 14:50:52 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2010.12.10 14:50:52 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys
[2001.08.17 21:53:18 | 000,007,296 | ---- | M] (Microsoft Corporation) MD5=F9ECF83EB508FA050BB5CBF75DCC117F -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\backup\changer.sys

< MD5 for: ISAPNP.SYS >
[2010.12.10 14:50:52 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2010.12.10 14:50:52 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2002.09.23 11:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 03:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 03:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2002.09.23 11:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=32F7074BAC9A5F899CCA9C046C9FA6EB -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\backup\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
[2002.09.23 11:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CF03E300B5CEEFFEFBE6F67532BD0EF1 -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\backup\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
[2002.09.23 11:00:00 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\backup\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2002.09.23 11:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\backup\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
[2002.09.23 11:00:00 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=FF8857D1AF59071F172C0FAD0FD33E87 -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\backup\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2002.09.23 11:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- C:\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\backup\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.01.08 10:16:49 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2010.12.10 14:25:22 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.12.10 14:25:22 | 000,606,208 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.12.10 14:25:22 | 000,417,792 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.01.27 16:16:31 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:2AE74FF9
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:FB1B13D8

< End of report >

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check, Avira throws alerts at me within an hour, about

#24 Post by motji »

Run OTL
- Copy this script into the white box at the bottom:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
SRV - File not found [Auto | Stopped] -- -- (mfsskbbuauye)
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tatik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:2AE74FF9
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:FB1B13D8

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Documents and Settings\Tatik\Data aplikací\juzjf.exe
C:\WINDOWS\System32\ezsidmv.dat
C:\Documents and Settings\Tatik\Data aplikací\HhdFJl61DD.txt
C:\Documents and Settings\Tatik\Data aplikací\Bgm7fGCGHJ.txt
C:\Documents and Settings\Tatik\Data aplikací\IK6fDMGl71.txt
C:\Documents and Settings\Tatik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

- Click the Fix button.
- The PC will then restart.
- Post the log here :)

lybbor
2nd Warning Level
Posts: 191
Registered: 13 May 2008 20:09
Location: Ostrava

Re: please check, Avira throws alerts at me within an hour, about

#25 Post by lybbor »

After the restart, some file of type Data Base File, Thumbs.db, appeared on my desktop.

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Service mfsskbbuauye stopped successfully!
Service mfsskbbuauye deleted successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\ deleted successfully.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
C:\Documents and Settings\Tatik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:2AE74FF9 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:FB1B13D8 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002142_.tmp moved successfully.
C:\WINDOWS\005090_.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SETA.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP196.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP232.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP277.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3B7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP49B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP577.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP59E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP657.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF8.tmp folder moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\2a86ecf59fd361a254057c2bd8a2fc84\download\BIT52.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\5098dd9035927e206645a10b773e39d3\BIT27.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\8058ebceb452c83425841a510aaccdfb\BIT1A.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\9434f38734605ee74bf380b05e9ff9a2\BIT39.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\a79ed409f1e327c589b9075eb5cbef44\BIT46.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\d2e1f16f5be8fded7ed4631ce3e9160d\BIT4E.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\da3a1bae35fa8a560239ca69bdac8b99\BIT33.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\e2a232d55639014e09b06bb202e33806\BIT29.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\f7209051c8f89b2168bc2707ba9bdfae\BIT47.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
C:\Documents and Settings\Tatik\Data aplikací\juzjf.exe moved successfully.
C:\WINDOWS\System32\ezsidmv.dat moved successfully.
C:\Documents and Settings\Tatik\Data aplikací\HhdFJl61DD.txt moved successfully.
C:\Documents and Settings\Tatik\Data aplikací\Bgm7fGCGHJ.txt moved successfully.
C:\Documents and Settings\Tatik\Data aplikací\IK6fDMGl71.txt moved successfully.
C:\Documents and Settings\Tatik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33728 bytes
->Flash cache emptied: 56502 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Tatik
->Temp folder emptied: 2925807 bytes
->Temporary Internet Files folder emptied: 2751313 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 99263959 bytes
->Flash cache emptied: 4510 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17622 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 12246 bytes

Total Files Cleaned = 100,00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Tatik
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 01292011_184901

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check, Avira throws alerts at me within an hour, about

#26 Post by motji »

We'll sort that out afterwards. Now run ComboFix again :)

lybbor
2nd Warning Level
Posts: 191
Registered: 13 May 2008 20:09
Location: Ostrava

Re: please check, Avira throws alerts at me within an hour, about

#27 Post by lybbor »

ComboFix 11-01-26.02 - Tatik 29.01.2011 21:45:48.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.676 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tatik\Plocha\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Tatik\Recent\commonmaps.mas

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-28 do 2011-01-29 )))))))))))))))))))))))))))))))
.

2011-01-29 17:49 . 2011-01-29 17:49 -------- d-----w- C:\_OTL
2011-01-29 16:37 . 2011-01-29 16:37 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\TeamViewer
2011-01-29 16:37 . 2011-01-29 16:37 -------- d-----w- c:\program files\TeamViewer
2011-01-26 17:47 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-26 17:46 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-25 10:01 . 2011-01-25 10:01 -------- d-----w- c:\program files\Common Files\Skype
2011-01-25 09:44 . 2011-01-28 18:13 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\skypePM
2011-01-25 09:20 . 2011-01-28 20:38 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\Skype
2011-01-25 09:20 . 2011-01-25 10:01 -------- d-----r- c:\program files\Skype
2011-01-25 09:19 . 2011-01-25 10:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype
2011-01-21 13:33 . 2007-09-04 16:56 164352 ----a-w- c:\windows\system32\unrar.dll
2011-01-21 13:33 . 2008-07-04 06:34 860160 ----a-w- c:\windows\system32\lameACM.acm
2011-01-21 13:33 . 2007-09-21 00:52 118784 ----a-w- c:\windows\system32\ac3acm.acm
2011-01-21 13:33 . 2008-01-10 12:16 159839 ----a-w- c:\windows\system32\xvidvfw.dll
2011-01-21 13:33 . 2008-01-10 12:15 755027 ----a-w- c:\windows\system32\xvidcore.dll
2011-01-21 13:33 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2011-01-21 13:33 . 2008-05-30 23:22 683520 ----a-w- c:\windows\system32\divx.dll
2011-01-21 13:33 . 2008-05-22 22:22 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2011-01-21 13:33 . 2008-05-22 22:19 81920 ----a-w- c:\windows\system32\dpl100.dll
2011-01-21 13:33 . 2008-06-12 18:36 7680 ----a-w- c:\windows\system32\ff_vfw.dll
2011-01-21 13:33 . 2011-01-21 13:33 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-01-21 13:13 . 2009-06-25 12:20 1446264 ----a-w- c:\program files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
2011-01-21 13:06 . 2011-01-21 13:07 -------- d-----w- c:\program files\FLVPlayer4Free
2011-01-10 21:00 . 2008-08-18 10:39 117760 ----a-w- c:\windows\system32\hpzll64X.dll
2011-01-10 21:00 . 2008-08-18 10:39 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp64X.dll
2011-01-10 11:45 . 2011-01-10 11:45 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\Malwarebytes
2011-01-10 11:45 . 2011-01-10 11:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-01-10 11:45 . 2011-01-26 17:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-10 11:35 . 2011-01-10 11:35 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\Tracker Software
2011-01-10 11:33 . 2011-01-10 11:38 -------- d-----w- c:\program files\Tracker Software
2011-01-10 10:58 . 2001-09-10 04:47 103344 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-01-10 10:58 . 2011-01-10 10:58 -------- d-----w- c:\windows\Profiles
2011-01-10 10:58 . 2001-09-10 04:47 103344 ------w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2011-01-10 10:58 . 2011-01-10 10:58 -------- d-----w- c:\windows\system32\Adobe
2011-01-10 10:58 . 2011-01-10 10:58 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\InterTrust
2011-01-09 16:23 . 2011-01-09 16:23 -------- d-----w- c:\documents and settings\Tatik\Local Settings\Data aplikací\HP
2011-01-09 15:55 . 2011-01-09 15:55 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\HP
2011-01-09 15:55 . 2011-01-09 15:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\WEBREG
2011-01-09 15:54 . 2009-08-26 21:41 16496 ----a-w- c:\windows\system32\drivers\HPZipr12.sys
2011-01-09 15:54 . 2009-08-26 21:41 49920 ----a-w- c:\windows\system32\drivers\HPZid412.sys
2011-01-09 15:54 . 2011-01-09 15:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Hewlett-Packard
2011-01-09 15:54 . 2010-05-06 10:51 271704 ----a-w- c:\windows\system32\hpzids01.dll
2011-01-09 15:53 . 2007-03-28 13:01 117760 ----a-w- c:\windows\system32\hpzll5ha.dll
2011-01-09 15:53 . 2007-03-28 12:57 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5ha.dll
2011-01-09 15:53 . 2009-08-26 21:40 21568 ----a-w- c:\windows\system32\drivers\HPZius12.sys
2011-01-09 15:53 . 2007-03-16 17:11 675840 ----a-r- c:\windows\system32\hpowiax3.dll
2011-01-09 15:53 . 2007-03-16 17:11 303104 ----a-r- c:\windows\system32\hpovst10.dll
2011-01-09 15:53 . 2007-03-16 17:11 569344 ----a-r- c:\windows\system32\hpotscl3.dll
2011-01-09 15:53 . 2007-03-07 05:20 364544 ----a-r- c:\windows\system32\hppldcoi.dll
2011-01-09 15:53 . 2007-03-07 05:20 309760 ----a-r- c:\windows\system32\difxapi.dll
2011-01-09 15:53 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2011-01-09 15:53 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2011-01-09 15:50 . 2011-01-09 15:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\HP
2011-01-09 15:50 . 2011-01-09 15:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\HP Product Assistant
2011-01-09 15:50 . 2011-01-09 15:50 -------- d-----w- c:\program files\Common Files\HP
2011-01-09 15:49 . 2011-01-09 15:49 -------- d-----w- c:\program files\Hewlett-Packard
2011-01-09 15:49 . 2011-01-09 15:49 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2011-01-09 15:48 . 2011-01-27 15:18 -------- dc----w- c:\windows\system32\DRVSTORE
2011-01-09 15:48 . 2011-01-09 15:52 -------- d-----w- c:\program files\HP
2011-01-09 15:48 . 2008-04-13 18:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-01-09 15:48 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-01-09 15:48 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2011-01-09 15:48 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2011-01-08 09:20 . 2011-01-08 09:20 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\DAEMON Tools
2011-01-08 09:20 . 2011-01-08 09:20 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\DAEMON Tools Pro
2011-01-08 09:19 . 2011-01-08 09:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2011-01-08 09:18 . 2011-01-08 09:19 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-08 09:16 . 2011-01-08 09:16 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-01-08 09:16 . 2011-01-08 09:16 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\DAEMON Tools Lite
2011-01-08 09:14 . 2011-01-08 09:14 -------- d-----w- c:\program files\PowerISO
2011-01-03 08:14 . 2011-01-03 08:29 -------- d-----w- c:\documents and settings\Tatik\Data aplikací\uTorrent
2011-01-03 08:14 . 2011-01-03 08:14 -------- d-----w- c:\program files\uTorrent

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-23 14:03 . 2010-12-10 15:11 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-12-18 20:47 . 2010-12-18 20:47 130287653 ----a-w- c:\program files\TrackPack1_2011.exe
2010-11-30 17:13 . 2010-12-10 15:11 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-11-18 18:15 . 2010-12-10 12:33 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 17:53 . 2010-12-10 20:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 15:34 . 2010-12-10 20:26 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2002-09-23 10:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2002-09-23 10:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2002-09-23 10:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2002-09-23 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2010-12-10 13:17 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2002-09-23 10:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
.

((((((((((((((((((((((((((((( SnapShot@2011-01-27_15.02.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-29 20:43 . 2011-01-29 20:43 16384 c:\windows\temp\Perflib_Perfdata_7ec.dat
+ 2011-01-27 15:18 . 2007-03-07 05:20 21568 c:\windows\system32\ReinstallBackups\0021\DriverFiles\drivers\dot4\Win2000\HPZius12.sys
+ 2011-01-27 15:17 . 2007-03-07 05:20 49920 c:\windows\system32\ReinstallBackups\0020\DriverFiles\drivers\dot4\Win2000\HPZid412.sys
+ 2011-01-27 15:17 . 2007-03-07 05:20 16496 c:\windows\system32\ReinstallBackups\0010\DriverFiles\drivers\dot4\Win2000\HPZipr12.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 16800 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\drivers\dot4\WinxP\Hppaufd0.sys
+ 2011-01-27 15:18 . 2009-08-26 21:40 21568 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\drivers\dot4\Win2000\HPZius12.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 16496 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\drivers\dot4\Win2000\hpzipr12.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 49920 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\drivers\dot4\Win2000\hpzid412.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 16496 c:\windows\system32\DRVSTORE\hpzipr13_CD5CA4CB29ADB232F99F8FED9E460786C54C550B\drivers\dot4\Win2000\HPZipr12.sys
+ 2011-01-27 15:18 . 2009-08-26 21:40 21568 c:\windows\system32\DRVSTORE\hpzipa13_99C8813AD9F4913625B2CC4BFB0FDAA506DFB85D\drivers\dot4\Win2000\HPZius12.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 16496 c:\windows\system32\DRVSTORE\hpzipa13_99C8813AD9F4913625B2CC4BFB0FDAA506DFB85D\drivers\dot4\Win2000\HPzipr12.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 49920 c:\windows\system32\DRVSTORE\hpzipa13_99C8813AD9F4913625B2CC4BFB0FDAA506DFB85D\drivers\dot4\Win2000\HPZid412.sys
+ 2011-01-27 15:18 . 2009-08-26 21:41 49920 c:\windows\system32\DRVSTORE\hpzid413_7226AAA8FE761A362CC9574215E1967F204EB3BF\drivers\dot4\Win2000\HPZid412.sys
+ 2011-01-27 15:18 . 2007-03-07 05:20 364544 c:\windows\system32\ReinstallBackups\0021\DriverFiles\drivers\dot4\Win2000\hppldcoi.dll
+ 2011-01-27 15:18 . 2007-03-07 05:20 309760 c:\windows\system32\ReinstallBackups\0021\DriverFiles\drivers\dot4\Win2000\difxapi.dll
+ 2011-01-27 15:18 . 2009-08-26 21:39 286720 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\HPZc3212.dll
+ 2011-01-27 15:18 . 2009-08-26 21:40 372736 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\drivers\dot4\Win2000\hppldcoi.dll
+ 2011-01-27 15:18 . 2009-08-26 21:40 309760 c:\windows\system32\DRVSTORE\hpzius13_9669959F8484CCA495B023A4D613D58A1F168F3B\drivers\dot4\Win2000\difxapi.dll
+ 2011-01-27 15:18 . 2009-08-26 21:39 286720 c:\windows\system32\DRVSTORE\hpzipa13_99C8813AD9F4913625B2CC4BFB0FDAA506DFB85D\HPZc3212.dll
+ 2011-01-27 15:18 . 2009-08-26 21:40 372736 c:\windows\system32\DRVSTORE\hpzipa13_99C8813AD9F4913625B2CC4BFB0FDAA506DFB85D\drivers\dot4\Win2000\hppldcoi.dll
+ 2011-01-27 15:18 . 2009-08-26 21:40 309760 c:\windows\system32\DRVSTORE\hpzipa13_99C8813AD9F4913625B2CC4BFB0FDAA506DFB85D\drivers\dot4\Win2000\difxapi.dll
+ 2011-01-27 15:18 . 2009-08-26 21:40 3189760 c:\windows\system32\DRVSTORE\hpc3530c_0F9097B9DD2DBAEA413DCF848ED9640191CB76FE\hpbcfgre.DLL
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-30 281768]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-05-05 153672]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Tatik\Nabídka Start\Programy\Po spuštění\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\BlueSoleil.lnk
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\rFactor\\rfactor.exe"=
"c:\\Program Files\\rFactor\\rFactor Dedicated.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"d:\\hry\\FarCry bojovka\\Bin32\\FarCry.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Product Assistant\\bin\\hprbui.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8.1.2011 10:16 717296]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [10.12.2010 16:11 135336]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [10.12.2010 17:08 246520]
R3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.sys [24.2.2005 12:29 162176]
S3 FlashUSB;FlashUSB;c:\windows\system32\drivers\FlashUSB.sys [27.12.2010 12:47 16896]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys --> c:\windows\system32\Drivers\RTS5121.sys [?]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 viafilter;VIA USB Filter;c:\windows\system32\drivers\viausb1.sys [10.12.2010 22:52 9728]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Doplňkový sken -------
.
IE: &Download All using 4shared Desktop - c:\program files\4shared Desktop\down_all.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Tatik\Data aplikací\Mozilla\Firefox\Profiles\53jjrjh8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-29 21:53
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2011-01-29 21:55:22
ComboFix-quarantined-files.txt 2011-01-29 20:55
ComboFix2.txt 2011-01-28 19:52
ComboFix3.txt 2011-01-28 18:56
ComboFix4.txt 2011-01-27 15:04

Před spuštěním: Volných bajtů: 60 966 649 856
Po spuštění: Volných bajtů: 60 953 722 880

- - End Of File - - F144473B575FABD9563C0DB577F4EAD7

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check, Avira throws alerts at me within an hour about

#28 Post by motji »

How is the computer behaving?

lybbor
Warning Level 2
Posts: 191
Registered: 13 May 2008 20:09
Location: Ostrava

Re: please check, Avira throws alerts at me within an hour about

#29 Post by lybbor »

Sir, the computer is behaving completely normally. Thank you very much for your time and for being so willing to help. I will definitely send something to support this great forum. Thanks once again. The file from the desktop has disappeared too.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: please check, Avira throws alerts at me within an hour about

#30 Post by motji »

Thank you for supporting the forum. And by the way, I'm a woman :oops: :D .



:arrow: Uninstall ComboFix via Start - Run
- copy into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes its associated files and folders.


***********


:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm a choice, press the A key, then Enter
- after use, delete the program. Note: antivirus programs may falsely flag it as a virus



***********


:arrow: Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run CCleaner

Registry tab
- click Find problems
- then click Fix selected problems -- make a registry backup - you don't have to
- click Fix all problems :arrow: OK :arrow: Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

I recommend using the CCleaner cleaner; it nicely cleans temporary files off the PC.
The Registry section cleans up, for example, after uninstalling a program.


***********



:arrow: Download OTC and run it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans up temp files and the leftovers of the tools used



***********

:arrow: Post a new RSIT log and tell me how the computer is behaving; is everything all right now?