
Re: I don't know what to do with this, please help

Posted: 09 Apr 2011 22:21
by motji
:o :o is that the whole big log?

Re: I don't know what to do with this, please help

Posted: 10 Apr 2011 00:01
by ringov
GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-04-10 00:55:07
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 MAXTOR_6L020J1 rev.AR1.0400
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pxrdipow.sys


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2220] USER32.dll!SetWindowLongA 77D3DED3 5 Bytes JMP 10699777 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2220] USER32.dll!SetWindowLongW 77D3DEF1 5 Bytes JMP 10699709 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2220] USER32.dll!GetWindowInfo 77D3F122 1 Byte [E9]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2220] USER32.dll!GetWindowInfo 77D3F122 5 Bytes JMP 104C7C37 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2220] USER32.dll!TrackPopupMenu 77D84F16 5 Bytes JMP 104C823A C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3960] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 00401410 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Kernel code sections - GMER 1.0.15 ----

? fegi.sys Systém nemůže nalézt uvedený soubor. !
pnidata C:\WINDOWS\System32\DRIVERS\secdrv.sys unknown last section [0xF0344F00, 0x24000, 0x48000000]

---- System - GMER 1.0.15 ----

SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwClose [0xF74D488E]
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwCreateFile [0xF74D40EC]
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwCreateKey [0xF74D3DCE]
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwCreateSection [0xF74D5938]
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwDeleteKey [0xF74D3ED8]
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwDeleteValueKey [0xF74D3FC2]
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwLoadDriver [0xF74D4BBC]
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwOpenFile [0xF74D43F4]
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwSetInformationFile [0xF74D4526]
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwSetValueKey [0xF74D3BFC]
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwTerminateProcess [0xF74D4B04]
SSDT \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ZwWriteFile [0xF74D470C]

---- EOF - GMER 1.0.15 ----

Re: I don't know what to do with this, please help

Posted: 10 Apr 2011 08:30
by motji
:arrow: download
http://www.slunecnice.cz/sw/crystaldiskinfo/
- run it and choose Copy in the menu.
- Then paste the clipboard data here with Ctrl+V

Re: I don't know what to do with this, please help

Posted: 10 Apr 2011 09:11
by ringov
----------------------------------------------------------------------------
CrystalDiskInfo 3.10.0 (C) 2008-2010 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP2 [5.1 Build 2600] (x86)
Date : 2011/04/10 10:10:47

-- Controller Map ----------------------------------------------------------
+ Řadič SiS rozhraní IDE ke sběrnici PCI [ATA]
+ Primární kanál IDE (0)
- WDC WD400BB-60DGA0
- MAXTOR 6L020J1
+ Sekundární kanál IDE (1)
- TEAC DV-516D

-- Disk List ---------------------------------------------------------------
(1) MAXTOR 6L020J1 : 20.5 GB [0-0-0, pd1]
(2) WDC WD400BB-60DGA0 : 40.0 GB [1-0-1, pd1]

----------------------------------------------------------------------------
(1) MAXTOR 6L020J1
----------------------------------------------------------------------------
Model : MAXTOR 6L020J1
Firmware : AR1.0400
Serial Number : 661201143392
Disk Size : 20.5 GB (8.4/20.5/----)
Buffer Size : 1818 KB
Queue Depth : 1
# of Sectors : 40132503
Rotation Rate : Unknown
Interface : Parallel ATA
Major Version : ATA/ATAPI-5
Minor Version : ATA/ATAPI-5 T13 1321D version 1
Transfer Mode : Ultra DMA/133
Power On Hours : 5886 hours
Power On Count : 4006 count
Temparature : 61 C (141 F)
Health Status : Good
Features : S.M.A.R.T., AAM
APM Level : ----
AAM Level : 80FEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 253 _20 000000000000 Read Error Rate
03 _81 _81 _20 000000000962 Spin-Up Time
04 _94 _94 __8 00000000100F Start/Stop Count
05 100 100 _20 000000000000 Reallocated Sectors Count
07 100 _93 _23 000000000000 Seek Error Rate
09 _92 _92 __1 0000000016FE Power-On Hours
0A 100 100 __0 000000000000 Spin Retry Count
0B 100 100 _20 000000000000 Recalibration Retries
0C _94 _94 __8 000000000FA6 Power Cycle Count
0D 100 100 _23 000000000000 Soft Read Error Rate stab
C2 _77 _73 _42 00000000003D Temperature
C3 _20 __1 __0 000041683CCA Hardware ECC recovered
C4 100 253 _20 000000000000 Reallocation Event Count
C5 100 100 _20 000000000000 Current Pending Sector Count
C6 100 253 __0 000000000000 Uncorrectable Sector Count
C7 185 185 __0 00000000000F UltraDMA CRC Error Count


----------------------------------------------------------------------------
(2) WDC WD400BB-60DGA0
----------------------------------------------------------------------------
Model : WDC WD400BB-60DGA0
Firmware : 05.03E05
Serial Number : WD-WCADK4296416
Disk Size : 40.0 GB (8.4/40.0/----)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 78165360
Rotation Rate : Unknown
Interface : Parallel ATA
Major Version : ATA/ATAPI-5
Minor Version : ----
Transfer Mode : Ultra DMA/100
Power On Hours : 3415 hours
Power On Count : 2089 count
Temparature : Unknown
Health Status : Good
Features : S.M.A.R.T., AAM
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 _96 _90 _21 0000000009FE Spin-Up Time
04 _98 _98 _40 000000000878 Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 200 200 _51 000000000000 Seek Error Rate
09 _96 _96 __0 000000000D57 Power-On Hours
0A 100 100 _51 000000000000 Spin Retry Count
0B 100 100 _51 000000000000 Recalibration Retries
0C _98 _98 __0 000000000829 Power Cycle Count
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 200 200 __0 000000000000 Uncorrectable Sector Count
C7 200 253 __0 000000000000 UltraDMA CRC Error Count
C8 200 200 _51 000000000000 Write Error Rate


Re: I don't know what to do with this, please help

Posted: 10 Apr 2011 09:44
by motji
Is the computer still freezing?

Re: I don't know what to do with this, please help

Posted: 10 Apr 2011 09:52
by ringov
Yes. It is quite slow. I have already defragmented it too.

Re: I don't know what to do with this, please help

Posted: 10 Apr 2011 20:57
by motji
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- tick the box For all users.
- select the boxes "LOP" malware check and "Purity" malware check
- Click the Scan button
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)

Re: I don't know what to do with this, please help

Posted: 11 Apr 2011 11:08
by ringov
Sorry it took so long. :)
OTL Extras logfile created on: 11.4.2011 11:30:51 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = E:\old timer tools
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 245,00 Mb Available Physical Memory | 48,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 7,81 Gb Total Space | 3,16 Gb Free Space | 40,40% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 31,06 Gb Free Space | 83,33% Space Free | Partition Type: NTFS
Drive E: | 11,31 Gb Total Space | 9,48 Gb Free Space | 83,79% Space Free | Partition Type: NTFS
Drive G: | 1,84 Gb Total Space | 0,07 Gb Free Space | 3,91% Space Free | Partition Type: FAT

Computer Name: TEREZIA | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1957994488-1677128483-854245398-500\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" = C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator -- (Crawler.com)
"D:\hry\Nová složka (2)\age2_x1.exe" = D:\hry\Nová složka (2)\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{1185566F-12ED-3EF0-89CC-38866DCE1EEE}" = Microsoft .NET Framework 3.0 Client Service Pack 2
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{30837A37-8F9F-4817-8B52-C501B67DC3BE}" = Trust WB-1400T Webcam
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{84975365-177A-42EB-A265-9C9B6DB1FEA1}" = Trust Photo Tools
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9211041B-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-A70000000000}" = Adobe Reader 7.0 - Czech
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CAAFB8F9-F8D1-3D27-9AAA-6301A4429440}" = Microsoft .NET Framework 2.0 Client Service Pack 2
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D617A4DC-C915-3F25-BE43-57E5FD99B441}" = Microsoft .NET Framework 3.5 Client Service Pack 1
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"CCleaner" = CCleaner
"CrystalDiskInfo_is1" = CrystalDiskInfo 3.10.0
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"Defraggler" = Defraggler
"hp deskjet 656c series" = hp deskjet 656c series (Remove only)
"ie8" = Windows Internet Explorer 8
"InstallShield_{30837A37-8F9F-4817-8B52-C501B67DC3BE}" = Trust WB-1400T Webcam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile
"Mozilla Firefox 4.0 (x86 sk)" = Mozilla Firefox 4.0 (x86 sk)
"NAVIGON Fresh" = NAVIGON Fresh 3.2.0
"Spyware Terminator_is1" = Spyware Terminator
"WinRAR archiver" = WinRAR

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9.4.2011 3:36:41 | Computer Name = TEREZIA | Source = NTBackup | ID = 8019
Description = Konec operace: Bylo zobrazeno upozornění nebo došlo k chybě. Podrobnosti
naleznete v protokolu zálohování.

Error - 9.4.2011 3:42:56 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WinRAR.exe, verze 3.92.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.4.2011 17:09:27 | Computer Name = TEREZIA | Source = Application Error | ID = 1000
Description = Chybující aplikace gmer.exe, verze 1.0.15.15570, chybující modul gmer.exe,
verze 1.0.15.15570, adresa chyby 0x0000c676.

Error - 10.4.2011 10:11:56 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace msimn.exe, verze 6.0.2900.2180, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 10.4.2011 13:25:19 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 10.4.2011 17:01:00 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SpywareTerminator.exe, verze 2.8.1.188, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 10.4.2011 18:09:31 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SpywareTerminator.exe, verze 2.8.1.188, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.4.2011 1:09:37 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.4.2011 2:01:00 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.22.3, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.4.2011 2:10:32 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.22.3, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 10.4.2011 16:39:59 | Computer Name = TEREZIA | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 10.4.2011 16:52:52 | Computer Name = TEREZIA | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_23914351\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.

Error - 10.4.2011 16:52:52 | Computer Name = TEREZIA | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_23914352\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.

Error - 10.4.2011 16:52:53 | Computer Name = TEREZIA | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_UTQWNDEY\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.

Error - 10.4.2011 16:55:35 | Computer Name = TEREZIA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL

Error - 10.4.2011 16:57:50 | Computer Name = TEREZIA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL

Error - 10.4.2011 16:58:28 | Computer Name = TEREZIA | Source = System Error | ID = 1003
Description = Kód chyby 1000000a, parametr1 00000000, parametr2 00000002, parametr3
00000001, parametr4 804dc6cc.

Error - 11.4.2011 0:46:42 | Computer Name = TEREZIA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL

Error - 11.4.2011 1:53:19 | Computer Name = TEREZIA | Source = Service Control Manager | ID = 7034
Description = Služba Spyware Terminator Realtime Shield Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 11.4.2011 3:57:50 | Computer Name = TEREZIA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL

[ TuneUp Events ]
Error - 3.3.2011 17:51:03 | Computer Name = TEREZIA | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 3.3.2011 23:35:53 | Computer Name = TEREZIA | Source = TuneUp.UtilitiesSvc | ID = 300
Description =


< End of report >
OTL logfile created on: 11.4.2011 11:30:51 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = E:\old timer tools
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 245,00 Mb Available Physical Memory | 48,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 7,81 Gb Total Space | 3,16 Gb Free Space | 40,40% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 31,06 Gb Free Space | 83,33% Space Free | Partition Type: NTFS
Drive E: | 11,31 Gb Total Space | 9,48 Gb Free Space | 83,79% Space Free | Partition Type: NTFS
Drive G: | 1,84 Gb Total Space | 0,07 Gb Free Space | 3,91% Space Free | Partition Type: FAT

Computer Name: TEREZIA | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.04.10 11:40:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- E:\old timer tools\OTL.exe
PRC - [2011.04.08 00:50:44 | 002,536,584 | ---- | M] (Crawler.com) -- C:\Program Files\Crawler\CToolbar.exe
PRC - [2011.04.05 22:59:59 | 000,496,128 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2011.04.05 22:59:57 | 002,216,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2011.03.18 20:05:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011.04.10 11:40:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- E:\old timer tools\OTL.exe
MOD - [2004.08.17 15:48:02 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (ServiceLayer)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.04.05 22:59:59 | 000,496,128 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.09.26 18:11:21 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)


========== Driver Services (SafeList) ==========

DRV - [2011.04.10 19:05:26 | 000,024,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\rkhdrv40.sys -- (rkhdrv40)
DRV - [2011.04.05 22:59:59 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2007.05.14 10:26:10 | 000,508,288 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2006.12.29 14:48:06 | 004,026,112 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004.08.03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2001.08.18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 23:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2001.08.17 23:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001.08.17 23:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001.08.17 23:28:10 | 000,073,279 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_SPKP.sys -- (SpeakerPhone)
DRV - [2001.08.17 23:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001.08.17 23:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001.08.17 23:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001.08.17 23:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001.08.17 23:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001.08.17 23:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2001.08.17 22:50:28 | 000,077,824 | ---- | M] (S3 Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s3sav4m.sys -- (S3SAVAGE4M)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1957994488-1677128483-854245398-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60076
IE - HKU\S-1-5-21-1957994488-1677128483-854245398-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1957994488-1677128483-854245398-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Brothersoft Customized Web Search"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "pobox.sk"
FF - prefs.js..extensions.enabledItems: searchpredict@speedbit.com:1.0.1.0
FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatche ... 60076&qkw="


FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\ [2011.04.11 07:06:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.05 21:52:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.05 21:52:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2009.01.25 21:01:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2011.04.10 15:40:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\sa3oy8yh.default\extensions
[2010.09.26 13:10:13 | 000,000,000 | ---D | M] (Brothersoft Community Toolbar) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\sa3oy8yh.default\extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}(2)
[2010.09.26 13:10:13 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\sa3oy8yh.default\extensions\engine@conduit(2).com
[2010.09.12 17:28:52 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\sa3oy8yh.default\searchplugins\conduit.xml
[2010.09.27 01:31:41 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\sa3oy8yh.default\searchplugins\daemon-search.xml
[2010.06.06 06:41:17 | 000,001,227 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\sa3oy8yh.default\searchplugins\facebook.xml
[2011.04.10 15:00:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011.04.11 07:06:18 | 000,000,000 | ---D | M] (Crawler Toolbar) -- C:\PROGRAM FILES\CRAWLER\FIREFOX
[2011.03.18 20:05:42 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011.04.05 23:11:11 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.01.01 10:00:00 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.01.01 10:00:00 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010.01.01 10:00:00 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.01.01 10:00:00 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.01.01 10:00:00 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2011.04.10 22:55:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1957994488-1677128483-854245398-500\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe (Crawler.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1957994488-1677128483-854245398-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1957994488-1677128483-854245398-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1957994488-1677128483-854245398-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1957994488-1677128483-854245398-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKU\S-1-5-21-1957994488-1677128483-854245398-500\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.07 16:16:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: VIDC.IV41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 30 Days ==========

[2011.04.11 07:05:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Crawler Toolbar
[2011.04.11 07:05:07 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2011.04.11 06:51:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\programi
[2011.04.11 00:11:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011.04.10 23:01:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.04.10 22:52:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.04.10 22:37:02 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.04.10 16:43:50 | 000,000,000 | ---D | C] -- C:\rsit
[2011.04.10 14:15:05 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.04.10 14:15:05 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.04.10 14:15:05 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.04.10 14:15:05 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.04.10 14:14:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.04.10 12:36:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2011.04.10 10:09:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CrystalDiskInfo
[2011.04.10 09:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2011.04.10 07:21:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011.04.10 07:21:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2011.04.09 09:21:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011.04.09 07:25:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011.04.09 06:46:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011.04.08 13:34:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2011.04.08 13:30:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2011.04.08 13:30:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.04.08 13:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Temp
[2011.04.08 13:29:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2011.04.08 13:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011.04.08 13:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.04.08 13:02:34 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.04.08 13:02:23 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.04.08 13:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.04.08 10:04:25 | 004,026,112 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\alcxwdm.sys
[2011.04.08 10:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2011.04.08 10:03:41 | 010,528,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.exe
[2011.04.08 10:03:37 | 018,804,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\alsndmgr.cpl
[2011.04.08 10:03:37 | 000,577,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
[2011.04.08 10:03:32 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcupd.exe
[2011.04.08 10:03:32 | 000,217,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcrmv.exe
[2011.04.07 13:22:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2011.04.07 11:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.04.06 16:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\C-Media
[2011.04.06 15:48:38 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2011.04.06 08:49:29 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.04.06 00:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\WinClamAVShield
[2011.04.05 22:59:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
[2011.04.05 22:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Spyware Terminator
[2011.04.05 22:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2011.04.05 22:59:42 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2011.04.05 22:51:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Secunia PSI
[2011.04.05 22:50:52 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011.04.05 22:11:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2011.04.05 21:33:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2011.04.05 21:30:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011.04.05 21:28:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.04.05 21:28:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-CZ
[2011.04.04 17:15:57 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011.04.04 15:56:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2011.04.04 15:34:26 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.04.04 15:29:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.04.04 13:46:48 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.04.01 10:36:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\XXLGS

========== Files - Modified Within 30 Days ==========

[2011.04.11 09:57:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.04.10 22:55:38 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.04.10 22:36:10 | 004,318,324 | R--- | M] () -- C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
[2011.04.10 19:20:57 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011.04.10 19:05:26 | 000,024,448 | ---- | M] () -- C:\WINDOWS\System32\drivers\rkhdrv40.sys
[2011.04.10 14:45:52 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.04.10 10:37:36 | 000,006,294 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20110410_103732.reg
[2011.04.10 08:46:17 | 000,002,176 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.04.10 01:12:46 | 000,034,816 | ---- | M] () -- C:\WINDOWS\System32\drivers\rootrepeal.sys
[2011.04.09 09:20:28 | 000,001,532 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Zálohování.lnk
[2011.04.08 11:19:58 | 000,000,674 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - hitman2.exe.lnk
[2011.04.08 11:19:30 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - LiveBilliards.exe.lnk
[2011.04.08 11:18:39 | 000,000,723 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - Tennis Masters Series 2003.exe.lnk
[2011.04.08 11:18:17 | 000,000,493 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - quake3.exe.lnk
[2011.04.08 11:17:02 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - openttd.exe.lnk
[2011.04.08 11:16:43 | 000,000,550 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - age2_x1.exe.lnk
[2011.04.08 09:48:52 | 000,390,094 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.04.08 09:48:52 | 000,387,954 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.04.08 09:48:52 | 000,056,590 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.04.08 09:48:52 | 000,049,198 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.04.07 13:40:53 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011.04.05 23:11:04 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.04.05 22:59:59 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011.04.05 21:52:06 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2011.04.05 19:57:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.04.04 13:43:11 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.04.01 10:37:23 | 000,000,134 | ---- | M] () -- C:\WINDOWS\WEBWTR.INI
[2011.04.01 10:37:23 | 000,000,000 | ---- | M] () -- C:\WINDOWS\WEBTRANS.INI

========== Files Created - No Company Name ==========

[2011.04.10 19:04:58 | 000,024,448 | ---- | C] () -- C:\WINDOWS\System32\drivers\rkhdrv40.sys
[2011.04.10 14:15:05 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.04.10 14:15:05 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.04.10 14:15:05 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.04.10 14:15:05 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.04.10 14:15:05 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.04.10 14:09:24 | 004,318,324 | R--- | C] () -- C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
[2011.04.10 10:37:35 | 000,006,294 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20110410_103732.reg
[2011.04.10 01:10:38 | 000,034,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\rootrepeal.sys
[2011.04.09 09:20:28 | 000,001,532 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Zálohování.lnk
[2011.04.08 11:19:58 | 000,000,674 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - hitman2.exe.lnk
[2011.04.08 11:19:29 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - LiveBilliards.exe.lnk
[2011.04.08 11:18:39 | 000,000,723 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - Tennis Masters Series 2003.exe.lnk
[2011.04.08 11:18:17 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - quake3.exe.lnk
[2011.04.08 11:17:02 | 000,000,873 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - openttd.exe.lnk
[2011.04.08 11:16:43 | 000,000,550 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - age2_x1.exe.lnk
[2011.04.08 10:04:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.04.08 10:03:41 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2011.04.08 10:03:36 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011.04.06 16:53:19 | 000,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.ini
[2011.04.05 22:59:59 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011.04.05 21:52:06 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2011.04.05 21:52:06 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2011.04.04 15:34:35 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.04.04 15:34:31 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011.04.01 10:37:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WEBTRANS.INI
[2011.04.01 10:36:28 | 000,000,134 | ---- | C] () -- C:\WINDOWS\WEBWTR.INI
[2011.03.07 05:09:44 | 000,000,174 | ---- | C] () -- C:\WINDOWS\game.ini
[2011.03.06 18:46:44 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011.03.03 09:32:03 | 000,000,779 | ---- | C] () -- C:\WINDOWS\SOFPLAT.ini
[2011.02.26 14:53:00 | 000,058,296 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.10.19 10:09:02 | 000,172,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\str.sys.vir
[2010.10.19 10:02:19 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010.10.19 10:02:19 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010.10.19 10:02:19 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010.10.19 10:02:18 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010.10.01 17:21:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\LiveBilliards.INI
[2010.09.30 12:53:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2010.09.26 19:45:52 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2010.09.26 13:47:20 | 000,000,180 | ---- | C] () -- C:\WINDOWS\GSdx9.INI
[2010.09.15 03:19:32 | 000,000,684 | ---- | C] () -- C:\WINDOWS\Sof.INI
[2010.09.14 11:01:22 | 000,000,260 | ---- | C] () -- C:\WINDOWS\mgutil_reg.ini
[2010.09.14 11:00:47 | 000,000,044 | ---- | C] () -- C:\WINDOWS\mgutil_win.ini
[2009.12.31 17:27:43 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2009.11.01 18:51:34 | 000,204,857 | ---- | C] () -- C:\WINDOWS\System32\InstallHelp.dll
[2009.11.01 18:51:34 | 000,107,293 | ---- | C] () -- C:\WINDOWS\System32\GMTUninstall.exe
[2009.11.01 17:59:16 | 000,002,064 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009.01.09 19:42:47 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.01.01 19:36:56 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.26 08:28:02 | 000,002,176 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008.07.07 18:19:44 | 000,000,382 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.07.07 18:11:57 | 000,000,376 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2008.07.07 18:00:26 | 000,000,021 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2008.07.07 17:59:14 | 002,417,445 | ---- | C] () -- C:\WINDOWS\System32\Ydsxg.dat
[2008.07.07 17:58:00 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.07.07 17:56:49 | 000,134,872 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.07.07 17:45:28 | 000,001,160 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008.07.07 17:33:30 | 000,000,314 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2008.07.07 17:31:29 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.07.07 17:23:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008.07.07 17:19:01 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2008.07.07 16:21:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.07.07 16:12:32 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.11.02 09:27:46 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002.09.20 20:19:36 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001.10.25 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 14:00:00 | 000,390,094 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 14:00:00 | 000,387,954 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 14:00:00 | 000,056,590 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 14:00:00 | 000,049,198 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1997.06.14 02:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2010.09.27 01:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2009.11.07 14:54:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\distortum
[2011.02.26 14:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DMCache
[2010.08.02 16:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ESET
[2011.04.08 13:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\IDM
[2011.04.11 11:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
[2010.08.02 17:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TeamViewer
[2011.03.07 10:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Thinstall
[2011.02.26 16:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Toolbar4
[2011.04.06 08:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2010.09.17 17:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ValuSoft
[2011.02.26 13:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\VitySoft
[2010.09.26 13:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ZipGenius
[2010.09.27 01:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.09.09 11:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2011.03.01 17:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.03.01 18:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2010.09.19 10:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SiComponents
[2011.02.26 16:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpeedBit
[2011.04.11 11:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2011.03.04 09:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.04.06 09:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2011.04.06 08:49:29 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010.08.02 16:39:07 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011.03.07 12:54:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\~0
[2010.08.02 17:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 15:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2011.02.26 16:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Speedbit

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.02.25 12:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2009.02.26 10:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AdobeUM
[2010.01.04 17:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ArcSoft
[2010.09.27 01:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2009.11.07 14:54:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\distortum
[2010.09.17 13:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DivX
[2011.02.26 14:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DMCache
[2010.08.02 16:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ESET
[2010.08.28 12:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2008.07.07 16:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2011.04.08 13:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\IDM
[2010.09.02 17:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Lavasoft
[2008.07.07 17:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2011.03.06 23:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2008.10.17 10:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
[2011.02.26 15:10:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2009.01.25 21:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2010.09.17 02:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MSN6
[2011.03.28 22:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2011.03.28 21:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\skypePM
[2011.04.11 11:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
[2010.08.02 17:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2009.11.08 10:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SUPERAntiSpyware.com
[2010.08.02 17:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TeamViewer
[2011.03.07 10:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Thinstall
[2011.02.26 16:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Toolbar4
[2011.04.06 08:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2010.09.17 17:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ValuSoft
[2011.02.26 13:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\VitySoft
[2011.03.06 20:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\vlc
[2011.03.07 10:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR
[2010.09.26 13:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ZipGenius

< %APPDATA%\*.exe /s >


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.07.07 17:55:57 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.07.07 17:55:57 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.07.07 17:55:57 | 000,389,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2011.04.10 19:05:26 | 000,024,448 | ---- | M] () -- C:\WINDOWS\system32\drivers\rkhdrv40.sys
[2011.04.10 01:12:46 | 000,034,816 | ---- | M] () -- C:\WINDOWS\system32\drivers\rootrepeal.sys

< %systemroot%\system32\*.* /3 >
[2011.04.10 08:46:17 | 000,002,176 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2011.04.10 14:45:52 | 000,134,872 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT

========== Alternate Data Streams ==========

@Alternate Data Stream - 167 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A9662AE0
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9

< End of report >

Re: I don't know what to do with it, please help

Posted: 11 Apr 2011 20:07
by motji
System drive C: has 2 GB (27%) free of 8 GB
2 GB is only just enough; a bit more would be better, your partition is quite small. It would also be a good idea to install SP3.

:arrow: Run OTL
- Copy this script into the white box at the bottom:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 167 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A9662AE0
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[clearallrestorepoints]
[Reboot]

- Click the Fix button.
- The PC will then restart.
- Paste the log here :)

Re: I don't know what to do with it, please help

Posted: 12 Apr 2011 06:27
by ringov
Good day :)
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:A9662AE0 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP130.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP43.tmp folder moved successfully.
File move failed. C:\WINDOWS\SoftwareDistribution\Download\feddebd683ffbe6d1196940b08be3a19\BIT16.tmp scheduled to be moved on reboot.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 674970 bytes
->Temporary Internet Files folder emptied: 278645 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 45618396 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 505 bytes

User: All Users

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 71373 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 131072 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1739914 bytes

Total Files Cleaned = 46,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.22.3 log created on 04122011_070435

Files\Folders moved on Reboot...
C:\WINDOWS\SoftwareDistribution\Download\feddebd683ffbe6d1196940b08be3a19\BIT16.tmp moved successfully.
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_690.dat moved successfully.

Registry entries deleted on Reboot...

Re: I don't know what to do with it, please help

Posted: 12 Apr 2011 08:17
by motji
How is the computer?

Re: I don't know what to do with it, please help

Posted: 12 Apr 2011 09:05
by ringov
Please help, my brother installed something here while I was away, and the PC keeps restarting. Urgent :(
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-04-12 10:00:21
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 2 GB (31%) free of 8 GB
Total RAM: 511 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:00, on 12.4.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
E:\avast\Avast Antivirus 2010 Professional With Serials\Setup\aswUpdSv.exe
E:\avast\Avast Antivirus 2010 Professional With Serials\Setup\ashServ.exe
E:\avast\AVASTA~1\Setup\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [avast!] E:\avast\AVASTA~1\Setup\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download with Star Downloader - E:\My Download Files\ACCELELATOR PLUS\Star Downloader\sdie.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\avast\Avast Antivirus 2010 Professional With Serials\Setup\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\avast\Avast Antivirus 2010 Professional With Serials\Setup\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\avast\Avast Antivirus 2010 Professional With Serials\Setup\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\avast\Avast Antivirus 2010 Professional With Serials\Setup\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 4395 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\PandaUSBVaccine.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=E:\avast\AVASTA~1\Setup\ashDisp.exe [2009-11-25 81000]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ieframe.dll]
regsvr32.exe /s C:\WINDOWS\System32\ieframe.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\shell32.dll]
regsvr32.exe /s C:\WINDOWS\system32\shell32.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe [2011-04-05 2216960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^setup_9.0.0.722_09.04.2011_10-43.lnk]
E:\kasper\VIRUSR~1\SETUP_~1.20~\startup.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"D:\hry\Nová složka (2)\age2_x1.exe"="D:\hry\Nová složka (2)\age2_x1.exe:*:Enabled:Age of Empires II Expansion"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-04-12 09:55:17 ----A---- C:\WINDOWS\system32\drivers\9574816.sys
2011-04-12 09:45:20 ----D---- C:\32788R22FWJFW
2011-04-12 09:44:57 ----D---- C:\Program Files\Windows Media Connect 2
2011-04-12 09:44:57 ----D---- C:\Program Files\Secunia
2011-04-12 09:44:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-04-12 09:44:57 ----D---- C:\Program Files\ESET
2011-04-12 09:44:57 ----D---- C:\Program Files\Alwil Software
2011-04-12 09:44:57 ----D---- C:\Program Files\7-Zip
2011-04-12 09:41:55 ----A---- C:\WINDOWS\ntbtlog.txt
2011-04-12 09:37:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-12 09:24:28 ----D---- C:\32788R22FWJFW(3)
2011-04-12 08:47:09 ----D---- C:\WINDOWS\CSC
2011-04-12 08:45:34 ----D---- C:\32788R22FWJFW(2)
2011-04-11 21:18:10 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-04-11 21:18:09 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-04-11 21:18:08 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-04-11 21:18:06 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-04-11 21:18:06 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-04-11 21:18:06 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-04-11 21:18:06 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-04-11 21:17:06 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-04-11 16:37:14 ----D---- C:\WINDOWS\MindSoft Utilities 2011
2011-04-11 12:28:37 ----A---- C:\cleanup.bat
2011-04-11 12:28:10 ----A---- C:\WINDOWS\system32\vhxaag.txt
2011-04-11 07:05:07 ----D---- C:\Program Files\Crawler
2011-04-10 23:01:44 ----SHD---- C:\RECYCLER
2011-04-10 22:52:11 ----D---- C:\WINDOWS\temp
2011-04-10 22:37:02 ----SD---- C:\ComboFix
2011-04-10 19:04:58 ----A---- C:\WINDOWS\system32\drivers\rkhdrv40.sys
2011-04-10 16:43:50 ----D---- C:\rsit
2011-04-10 14:15:05 ----A---- C:\WINDOWS\zip.exe
2011-04-10 14:15:05 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-04-10 14:15:05 ----A---- C:\WINDOWS\SWSC.exe
2011-04-10 14:15:05 ----A---- C:\WINDOWS\SWREG.exe
2011-04-10 14:15:05 ----A---- C:\WINDOWS\sed.exe
2011-04-10 14:15:05 ----A---- C:\WINDOWS\PEV.exe
2011-04-10 14:15:05 ----A---- C:\WINDOWS\NIRCMD.exe
2011-04-10 14:15:05 ----A---- C:\WINDOWS\MBR.exe
2011-04-10 14:15:05 ----A---- C:\WINDOWS\grep.exe
2011-04-10 14:14:35 ----D---- C:\Qoobox
2011-04-10 12:36:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-04-10 09:33:06 ----D---- C:\Program Files\Defraggler
2011-04-10 07:21:49 ----D---- C:\WINDOWS\system32\PreInstall
2011-04-10 07:21:43 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2011-04-10 07:21:43 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-10 01:10:38 ----A---- C:\WINDOWS\system32\drivers\rootrepeal.sys
2011-04-09 09:21:29 ----D---- C:\WINDOWS\system32\NtmsData
2011-04-09 07:25:29 ----HD---- C:\WINDOWS\system32\GroupPolicy
2011-04-09 06:46:03 ----D---- C:\WINDOWS\SxsCaPendDel
2011-04-08 13:30:36 ----D---- C:\Program Files\CCleaner
2011-04-08 13:29:03 ----D---- C:\Program Files\Google
2011-04-08 10:04:50 ----A---- C:\WINDOWS\system32\ChCfg.exe
2011-04-08 10:04:25 ----RA---- C:\WINDOWS\system32\drivers\alcxwdm.sys
2011-04-08 10:03:43 ----D---- C:\Program Files\Realtek AC97
2011-04-08 10:03:41 ----A---- C:\WINDOWS\system32\RTLCPL.exe
2011-04-08 10:03:37 ----A---- C:\WINDOWS\soundman.exe
2011-04-08 10:03:36 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2011-04-08 10:03:32 ----A---- C:\WINDOWS\alcupd.exe
2011-04-08 10:03:32 ----A---- C:\WINDOWS\Alcrmv.exe
2011-04-07 11:48:26 ----D---- C:\Program Files\trend micro
2011-04-06 16:53:19 ----N---- C:\WINDOWS\cmaudio.ini
2011-04-06 16:53:19 ----D---- C:\Program Files\C-Media
2011-04-06 15:48:38 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2011-04-06 15:24:35 ----ASH---- C:\pagefile.sys
2011-04-06 08:49:29 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-04-06 00:05:19 ----D---- C:\Program Files\WinClamAVShield
2011-04-05 22:59:59 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2011-04-05 22:59:57 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
2011-04-05 22:59:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-04-05 22:59:42 ----D---- C:\Program Files\Spyware Terminator
2011-04-05 21:30:29 ----D---- C:\WINDOWS\WBEM
2011-04-05 21:28:55 ----HDC---- C:\WINDOWS\ie8
2011-04-05 21:28:55 ----D---- C:\WINDOWS\system32\cs-CZ
2011-04-04 17:15:57 ----HD---- C:\Program Files\WindowsUpdate
2011-04-04 15:56:13 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2011-04-04 15:34:35 ----N---- C:\Boot.bak
2011-04-04 15:34:26 ----RASHD---- C:\cmdcons
2011-04-04 15:29:15 ----D---- C:\WINDOWS\ERDNT
2011-04-01 10:37:23 ----A---- C:\WINDOWS\WEBTRANS.INI
2011-04-01 10:36:28 ----A---- C:\WINDOWS\WEBWTR.INI
2011-04-01 10:36:15 ----D---- C:\WINDOWS\XXLGS

======List of files/folders modified in the last 1 months======

2011-04-12 10:00:14 ----D---- C:\WINDOWS
2011-04-12 09:56:10 ----D---- C:\WINDOWS\system32\drivers
2011-04-12 09:56:09 ----HD---- C:\WINDOWS\inf
2011-04-12 09:56:09 ----D---- C:\WINDOWS\system32\CatRoot
2011-04-12 09:56:07 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-12 09:49:32 ----D---- C:\WINDOWS\system32\config
2011-04-12 09:48:53 ----D---- C:\WINDOWS\system32\wbem
2011-04-12 09:48:47 ----D---- C:\WINDOWS\Registration
2011-04-12 09:45:24 ----D---- C:\WINDOWS\system32
2011-04-12 09:45:22 ----SHD---- C:\WINDOWS\Installer
2011-04-12 09:44:57 ----RD---- C:\Program Files
2011-04-12 09:44:57 ----D---- C:\ProgramData
2011-04-12 09:42:06 ----D---- C:\WINDOWS\Minidump
2011-04-12 09:34:45 ----D---- C:\WINDOWS\system32\drivers\etc
2011-04-12 08:20:59 ----D---- C:\Config.Msi
2011-04-12 08:20:57 ----D---- C:\WINDOWS\WinSxS
2011-04-12 08:20:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-12 08:12:30 ----SD---- C:\WINDOWS\Tasks
2011-04-12 07:05:51 ----SHD---- C:\System Volume Information
2011-04-12 07:05:51 ----D---- C:\WINDOWS\system32\Restore
2011-04-12 06:55:29 ----D---- C:\WINDOWS\SoftwareDistribution
2011-04-11 20:16:53 ----D---- C:\WINDOWS\Prefetch
2011-04-11 16:38:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-10 22:46:56 ----D---- C:\WINDOWS\AppPatch
2011-04-10 22:46:40 ----D---- C:\Program Files\Common Files
2011-04-10 19:20:57 ----RSH---- C:\boot.ini
2011-04-10 19:20:57 ----A---- C:\WINDOWS\win.ini
2011-04-10 19:20:57 ----A---- C:\WINDOWS\system.ini
2011-04-10 15:04:41 ----D---- C:\WINDOWS\pss
2011-04-09 22:43:10 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2011-04-09 12:02:00 ----D---- C:\Program Files\WinRAR
2011-04-09 09:26:00 ----D---- C:\WINDOWS\repair
2011-04-09 09:21:27 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-04-08 13:36:10 ----D---- C:\Documents and Settings\Administrator\Data aplikací\IDM
2011-04-08 13:36:01 ----D---- C:\WINDOWS\Debug
2011-04-08 10:03:31 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-08 10:02:59 ----D---- C:\Program Files\Common Files\InstallShield
2011-04-08 09:48:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-06 09:07:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2011-04-06 08:55:12 ----D---- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
2011-04-06 08:17:50 ----D---- C:\Documents and Settings
2011-04-05 23:11:04 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-04-05 21:52:02 ----D---- C:\Program Files\Mozilla Firefox
2011-04-05 21:32:51 ----D---- C:\WINDOWS\Help
2011-04-05 21:32:51 ----D---- C:\Program Files\Internet Explorer
2011-04-05 21:30:19 ----D---- C:\WINDOWS\Media
2011-03-28 22:12:08 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-03-28 21:13:19 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 rkhdrv40;Rootkit Unhooker Driver; C:\WINDOWS\system32\drivers\rkhdrv40.sys [2011-04-10 24448]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2004-08-03 41088]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-12-29 4026112]
R3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
R3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
R3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
R3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 S3SAVAGE4M;S3SAVAGE4M; C:\WINDOWS\System32\DRIVERS\s3sav4m.sys [2001-08-17 77824]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 SASDIFSV;SASDIFSV; \??\E:\My Download Files\antispywer\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\E:\My Download Files\antispywer\SASKUTIL.sys []
S1 setup_9.0.0.722_09.04.2011_10-43drv;setup_9.0.0.722_09.04.2011_10-43drv; C:\WINDOWS\system32\DRIVERS\9574816.sys [2009-10-09 315408]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NTACCESS;NTACCESS; \??\F:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys []
S3 SASENUM;SASENUM; \??\E:\My Download Files\antispywer\SASENUM.SYS []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\F:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; E:\avast\Avast Antivirus 2010 Professional With Serials\Setup\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; E:\avast\Avast Antivirus 2010 Professional With Serials\Setup\ashServ.exe [2009-11-25 138680]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-04-05 496128]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 avast! Mail Scanner;avast! Mail Scanner; E:\avast\Avast Antivirus 2010 Professional With Serials\Setup\ashMaiSv.exe [2009-11-25 254040]
S3 avast! Web Scanner;avast! Web Scanner; E:\avast\Avast Antivirus 2010 Professional With Serials\Setup\ashWebSv.exe [2009-11-25 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-26 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]

-----------------EOF-----------------

Re: I don't know what to do with this, please help

Posted: 12 Apr 2011 09:28
by motji
:arrow: Start - Control Panel - System
- click the Advanced tab, then the Settings button at the very bottom
- uncheck the Automatically restart box

- after the system boots, a blue screen should appear instead of the restart. Write down the errors shown there, e.g. STOP: 00000X565 etc., and post them here.
- then restart and go into Safe Mode, and check whether there are any files in the folder C:\WINDOWS\Minidump;
if there are, put them in a zip, upload it to http://www.leteckaposta.cz, and post the link here.

Re: I don't know what to do with this, please help

Posted: 12 Apr 2011 10:08
by ringov
http://leteckaposta.cz/534714613 ,stop 0+00000000 ,0+00000002,0+00000001,0+804dc6cc

Re: I don't know what to do with this, please help

Posted: 12 Apr 2011 10:18
by motji
What other anti-virus programs have you installed on the PC? RootRepeal, Rootkit Unhooker? One of these anti-rootkit programs is causing it; uninstall them and post a log from RSIT, we need to remove the driver.
And please don't install any more programs like these without my recommendation :roll: .