
Re: Motji: Please check my log

Posted: 03 May 2011 18:08
by motji
I'll paste it in here, it's clearer for me that way :)

OTL logfile created on: 3. 5. 2011 15:21:48 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\PATOWIST\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

1 023,00 Mb Total Physical Memory | 368,00 Mb Available Physical Memory | 36,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 22,09 Gb Total Space | 0,85 Gb Free Space | 3,86% Space Free | Partition Type: NTFS
Drive D: | 122,07 Gb Total Space | 65,99 Gb Free Space | 54,06% Space Free | Partition Type: NTFS
Drive J: | 465,65 Gb Total Space | 311,00 Gb Free Space | 66,79% Space Free | Partition Type: FAT32

Computer Name: PATWIST | User Name: PATOWIST | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.05.03 15:16:41 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PATOWIST\Plocha\OTL.exe
PRC - [2011.05.01 21:37:38 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.04.18 19:25:12 | 003,460,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.04.18 19:25:10 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.04.18 01:11:22 | 001,378,040 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011.04.18 01:11:22 | 000,928,496 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011.03.04 17:32:16 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011.03.04 17:30:34 | 001,523,008 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011.02.28 16:15:30 | 000,427,008 | ---- | M] (Sony Ericsson) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2010.12.13 14:52:46 | 000,074,960 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.11 13:22:38 | 000,253,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe

========== Modules (SafeList) ==========

MOD - [2011.05.03 15:16:41 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PATOWIST\Plocha\OTL.exe
MOD - [2011.04.18 19:25:09 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (PLFlash DeviceIoControl Service)
SRV - File not found [Auto | Stopped] -- -- (NetControl2.AdminHelper)
SRV - File not found [On_Demand | Stopped] -- -- (McComponentHostService)
SRV - File not found [Disabled | Stopped] -- -- (Abel)
SRV - File not found [Auto | Stopped] -- -- (36820)
SRV - [2011.04.18 19:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.04.18 01:11:22 | 001,378,040 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011.03.04 17:30:34 | 001,523,008 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.03.04 17:28:08 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.02.10 15:29:24 | 000,150,528 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2007.03.26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.01.04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Disabled | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (xpsec)
DRV - File not found [Kernel | On_Demand | Running] -- -- (xcpip)
DRV - [2011.04.18 19:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.04.18 19:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.04.18 19:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.04.18 19:16:06 | 000,102,488 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.04.18 19:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.04.18 19:13:02 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.04.18 19:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.04.18 01:11:30 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011.02.17 19:06:10 | 000,122,032 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2011.02.10 10:22:58 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.12.15 18:31:31 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.12.15 18:31:31 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.08.12 14:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010.02.11 14:01:43 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009.01.05 10:32:07 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.11.08 00:12:08 | 000,006,896 | ---- | M] (Net Software 2) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ncvhook.sys -- (ncvhook)
DRV - [2008.09.12 16:53:05 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.08.29 16:29:44 | 000,256,512 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMUVC.sys -- (VMUVC)
DRV - [2008.07.03 15:13:04 | 000,083,312 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\RARfsClientNP.dll -- (RARfsClientNP)
DRV - [2008.07.01 12:12:32 | 000,398,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vvftUVC.sys -- (vvftUVC)
DRV - [2008.01.31 23:15:34 | 000,560,896 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2007.04.17 14:00:30 | 000,010,168 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ramirr.sys -- (ramirr)
DRV - [2007.04.05 11:55:16 | 000,046,000 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\RARfsDriver.sys -- (RARfsDriver)
DRV - [2006.11.02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006.11.01 19:45:14 | 000,219,264 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BTCamDrv.sys -- (BTCAMDRV)
DRV - [2006.04.06 08:20:44 | 004,258,816 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.03.22 07:24:02 | 000,018,944 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.03.22 07:24:00 | 000,052,736 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.03.16 11:45:12 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2006.03.15 11:52:40 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2006.02.24 02:37:00 | 000,040,192 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006.02.10 12:17:46 | 000,047,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006.02.08 18:33:34 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)
DRV - [2006.02.03 00:16:08 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2005.08.01 17:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005.07.11 19:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005.03.09 08:53:00 | 000,036,352 | R--- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.01.06 14:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004.08.23 13:55:54 | 000,029,440 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\actser.sys -- (actser)
DRV - [2004.08.22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004.08.22 16:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus)
DRV - [2004.08.04 00:59:52 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2001.08.17 21:49:10 | 000,026,624 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irstusb.sys -- (STIrUsb)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-220523388-776561741-839522115-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.php?rvs=google
IE - HKU\S-1-5-21-220523388-776561741-839522115-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-220523388-776561741-839522115-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 51636
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.02.17 20:37:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.02.17 20:37:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.04.15 16:20:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.01 21:37:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.01 21:37:41 | 000,000,000 | ---D | M]

[2011.03.20 20:55:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\PATOWIST\Data aplikací\Mozilla\Extensions
[2011.05.02 19:55:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\PATOWIST\Data aplikací\Mozilla\Firefox\Profiles\f9ppzm5s.default\extensions
[2011.03.21 23:26:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\PATOWIST\Data aplikací\Mozilla\Firefox\Profiles\f9ppzm5s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.09 15:56:39 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\PATOWIST\Data aplikací\Mozilla\Firefox\Profiles\f9ppzm5s.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2011.04.09 15:56:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\PATOWIST\Data aplikací\Mozilla\Firefox\Profiles\f9ppzm5s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.04.16 13:53:00 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Documents and Settings\PATOWIST\Data aplikací\Mozilla\Firefox\Profiles\f9ppzm5s.default\extensions\tineye@ideeinc.com
[2011.05.02 19:55:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.04.13 12:20:15 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{12d2b889-7ccb-0af6-4126-806f13689ed0}
[2011.04.13 12:20:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{12d2b889-7ccb-0af6-4126-806f13689ed0}.del
[2011.04.10 20:57:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PATOWIST\PLOCHA\FENNEC\EXTENSIONS\FEEDBACK@MOBILE.MOZILLA.ORG
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.03.03 19:05:42 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2011.03.03 19:05:42 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2011.03.03 19:05:42 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2011.03.03 19:05:42 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2011.03.03 19:05:42 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2011.03.03 19:05:42 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2009.04.07 18:29:21 | 000,000,786 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: () - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKLM\..\Toolbar: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-776561741-839522115-1005\..\Toolbar\ShellBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKU\S-1-5-21-220523388-776561741-839522115-1005\..\Toolbar\WebBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] D:\Programy\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] D:\Programy\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-220523388-776561741-839522115-1005..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKU\S-1-5-21-220523388-776561741-839522115-1005..\RunOnce: [Shockwave Updater] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-776561741-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-21-220523388-776561741-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 11
O7 - HKU\S-1-5-21-220523388-776561741-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O7 - HKU\S-1-5-21-220523388-776561741-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-220523388-776561741-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O7 - HKU\S-1-5-21-220523388-776561741-839522115-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 01 00 00 00 [binary data]
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDow ... eqlab2.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-220523388-776561741-839522115-1005 Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\RAinit: DllName - RAinit.dll - C:\WINDOWS\System32\RAinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\PATOWIST\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\PATOWIST\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\googleearth.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\isuspm.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\windvd.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.05.06 14:47:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{428171aa-b601-11df-b841-001617787d11}\Shell\Setup RealPlayer\command - "" = J:\RPSP_Install_Wrapper.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT

Re: Motji: Please check my log

Posted: 03 May 2011 18:09
by motji
Restore point Set: OTL Restore Point (56027131116781568)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.05.03 15:16:32 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\PATOWIST\Plocha\OTL.exe
[2011.05.02 19:47:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Data aplikací\TS3Client
[2011.05.02 19:47:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\TeamSpeak 3 Client
[2011.05.01 19:27:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Plocha\jak-pouzit-combofix_subory
[2011.04.28 22:14:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\PATOWIST\Recent
[2011.04.27 20:58:06 | 000,307,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011.04.27 20:58:06 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011.04.27 20:58:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2011.04.27 20:58:03 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.04.27 20:58:03 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011.04.27 20:58:03 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011.04.27 20:58:02 | 000,102,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011.04.27 20:58:02 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011.04.27 20:58:01 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011.04.27 20:57:01 | 000,040,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011.04.27 20:57:00 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011.04.27 20:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011.04.27 20:56:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.04.18 01:11:42 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011.04.18 00:17:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Data aplikací\Mikrotik
[2011.04.17 23:59:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Local Settings\Data aplikací\Sunbelt Software
[2011.04.17 23:55:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2011.04.17 23:55:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Lavasoft
[2011.04.17 22:36:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\PhotoZoom Pro 4
[2011.04.17 17:21:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Data aplikací\advantage
[2011.04.17 03:43:25 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\rpcnetp
[2011.04.16 00:10:55 | 000,266,240 | ---- | C] (VentriloMIX by m|Ke) -- C:\Documents and Settings\PATOWIST\Plocha\VentriloMIX.exe
[2011.04.15 17:41:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2011.04.15 17:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2011.04.15 17:33:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe
[2011.04.15 16:19:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\HP Product Assistant
[2011.04.15 16:18:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HP
[2011.04.15 16:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2011.04.15 01:37:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Data aplikací\MyPhoneExplorer
[2011.04.15 01:37:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\MyPhoneExplorer
[2011.04.14 17:34:59 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2011.04.14 17:34:59 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2011.04.14 17:34:56 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2011.04.14 17:34:53 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2011.04.14 17:30:03 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2011.04.14 17:30:03 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2011.04.14 17:30:03 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2011.04.14 15:14:46 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Data aplikací\hpe163D.dll
[2011.04.14 15:10:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avanquest
[2011.04.14 15:10:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2011.04.14 15:06:30 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Data aplikací\hpe1596.dll
[2011.04.14 03:14:01 | 013,004,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2011.04.14 03:14:01 | 000,941,160 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco322090.dll
[2011.04.14 03:14:01 | 000,837,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco322040.dll
[2011.04.14 03:14:01 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2011.04.14 01:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Data aplikací\Chirurgie Simulation
[2011.04.13 20:29:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Dokumenty\18 WoS Extreme Trucker 2
[2011.04.13 18:15:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Dokumenty\18 WoS Convoy
[2011.04.12 20:20:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Dokumenty\ICQ
[2011.04.12 17:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
[2011.04.12 17:00:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ICQ7.4
[2011.04.12 16:57:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2011.04.12 16:57:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.04.12 16:56:56 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.04.12 16:44:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Data aplikací\ICQ
[2011.04.12 16:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.4
[2011.04.12 16:22:13 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2011.04.11 15:03:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Uniblue
[2011.04.11 12:27:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Hagel Technologies
[2011.04.11 12:27:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\DU Meter
[2011.04.10 22:50:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Local Settings\Data aplikací\NFS Underground 2
[2011.04.10 21:44:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Local Settings\Data aplikací\Electronic_Arts_Inc
[2011.04.10 20:58:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2011.04.10 20:57:45 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.04.10 20:57:44 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.04.10 20:57:44 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.04.10 20:57:44 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.04.09 22:41:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PATOWIST\Data aplikací\Mp3tag
[2011.04.09 21:56:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mp3tag
[2011.04.08 19:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Data aplikací\TuneUp Software
[2008.09.02 22:08:02 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\PATOWIST\Data aplikací\pcouffin.sys
[2007.10.27 12:18:12 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2007.10.27 12:18:12 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.05.03 15:23:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.05.03 15:16:41 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PATOWIST\Plocha\OTL.exe
[2011.05.03 15:07:28 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011.05.03 15:00:38 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.03 15:00:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.05.03 01:33:01 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.02 23:24:43 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\Adobe Photoshop CS5.lnk
[2011.05.02 22:08:54 | 000,180,795 | ---- | M] () -- C:\WINDOWS\hpoins47.dat
[2011.05.02 21:04:59 | 000,022,189 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\ComboFix.exe
[2011.05.02 19:47:12 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\TeamSpeak 3 Client.lnk
[2011.05.02 18:10:19 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.05.02 18:05:38 | 000,000,558 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\uTorrent.lnk
[2011.05.02 17:15:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\Úklid 1 kliknutím.job
[2011.05.02 16:25:45 | 000,000,092 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\Jak rozhodit moderátora TV a rádio Loupak.cz Videa, Hry a Soutěže.URL
[2011.05.02 15:43:33 | 000,216,040 | ---- | M] () -- C:\WINDOWS\hpoins47.dat.temp
[2011.05.01 22:45:59 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.05.01 21:36:54 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011.05.01 19:27:54 | 000,052,382 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\jak-pouzit-combofix.htm
[2011.05.01 19:11:47 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.04.27 20:58:02 | 000,002,565 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.04.18 19:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011.04.18 19:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011.04.18 19:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.04.18 19:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011.04.18 19:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011.04.18 19:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011.04.18 19:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011.04.18 19:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011.04.18 19:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011.04.18 19:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011.04.18 02:00:01 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PATWIST-PATOWIST.job
[2011.04.18 01:11:33 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011.04.18 01:11:31 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2011.04.17 23:55:34 | 000,000,878 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Ad-Aware.lnk
[2011.04.17 22:35:29 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\PhotoZoom Pro 4.lnk
[2011.04.17 20:39:49 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.17 16:33:23 | 000,004,306 | ---- | M] () -- C:\WINDOWS\jqkx_m24.ini
[2011.04.17 16:33:23 | 000,001,440 | ---- | M] () -- C:\WINDOWS\cgxz-kn16.ini
[2011.04.17 14:55:39 | 000,253,112 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.04.17 14:55:39 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.04.17 14:55:38 | 000,253,104 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.04.16 14:04:23 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2011.04.16 00:11:26 | 000,002,163 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\Ventrilo.lnk
[2011.04.15 18:59:14 | 003,613,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.04.15 17:54:52 | 000,783,738 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\PATWIST.psd
[2011.04.15 17:11:51 | 000,000,007 | ---- | M] () -- C:\WINDOWS\treeskp.sys
[2011.04.15 17:11:51 | 000,000,007 | ---- | M] () -- C:\WINDOWS\sbacknt.bin
[2011.04.15 12:34:32 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Unified Remote Server.lnk
[2011.04.15 01:37:18 | 000,000,816 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\MyPhoneExplorer.lnk
[2011.04.14 22:44:03 | 000,002,581 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\Word.lnk
[2011.04.14 19:22:17 | 000,001,940 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Sony Ericsson PC Companion 2.0.lnk
[2011.04.14 17:36:25 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\Counter Strike Condition Zero.lnk
[2011.04.14 17:36:11 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\Counter Strike 1.6.lnk
[2011.04.14 17:30:03 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2011.04.14 17:30:03 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2011.04.14 15:14:46 | 000,148,736 | ---- | M] (Avanquest Software) -- C:\Documents and Settings\All Users\Data aplikací\hpe163D.dll
[2011.04.14 15:06:30 | 000,148,736 | ---- | M] (Avanquest Software) -- C:\Documents and Settings\All Users\Data aplikací\hpe1596.dll
[2011.04.14 03:14:29 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2011.04.14 03:07:44 | 000,249,406 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011.04.14 02:05:53 | 000,003,855 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2011.04.14 02:05:53 | 000,003,163 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2011.04.13 18:06:34 | 000,000,621 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\Photoshop CS2.lnk
[2011.04.13 12:20:15 | 000,000,455 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011.04.12 17:00:43 | 000,001,498 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ICQ.lnk
[2011.04.12 16:55:31 | 031,418,880 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Dokumenty\lol.avi
[2011.04.12 16:22:17 | 000,001,503 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2011.04.12 16:01:46 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\Internet Explorer.lnk
[2011.04.11 20:34:02 | 000,054,455 | ---- | M] () -- C:\WINDOWS\System32\kywiyxyslvhjvvr.exe
[2011.04.11 18:31:08 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-776561741-839522115-1005UA.job
[2011.04.11 18:31:08 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-776561741-839522115-1005Core.job
[2011.04.11 00:15:33 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Plocha\NFS U2.lnk
[2011.04.10 20:57:04 | 000,465,472 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.04.10 20:57:04 | 000,460,834 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.04.10 20:57:04 | 000,094,126 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.04.10 20:57:04 | 000,080,496 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.04.09 21:56:20 | 000,000,538 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mp3tag.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.05.03 15:23:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.05.02 23:24:43 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Plocha\Adobe Photoshop CS5.lnk
[2011.05.02 21:04:47 | 000,022,189 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Plocha\ComboFix.exe
[2011.05.02 19:47:12 | 000,000,695 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\TeamSpeak 3 Client.lnk
[2011.05.02 18:05:38 | 000,000,558 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Plocha\uTorrent.lnk
[2011.05.02 16:25:45 | 000,000,092 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Plocha\Jak rozhodit moderátora TV a rádio Loupak.cz Videa, Hry a Soutěže.URL
[2011.05.01 19:27:54 | 000,052,382 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Plocha\jak-pouzit-combofix.htm
[2011.04.18 01:15:31 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011.04.17 23:55:34 | 000,000,878 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Ad-Aware.lnk
[2011.04.17 22:35:29 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\PhotoZoom Pro 4.lnk
[2011.04.17 16:33:23 | 000,004,306 | ---- | C] () -- C:\WINDOWS\jqkx_m24.ini
[2011.04.17 16:33:23 | 000,001,440 | ---- | C] () -- C:\WINDOWS\cgxz-kn16.ini
[2011.04.16 00:11:10 | 000,002,163 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Plocha\Ventrilo.lnk
[2011.04.15 20:30:23 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PATWIST-PATOWIST.job
[2011.04.15 17:54:49 | 000,783,738 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Plocha\PATWIST.psd
[2011.04.15 17:39:41 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Photoshop CS5.lnk
[2011.04.15 17:37:35 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Bridge CS5.lnk
[2011.04.15 17:36:29 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Device Central CS5.lnk
[2011.04.15 17:31:46 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Extension Manager CS5.lnk
[2011.04.15 17:31:16 | 000,001,195 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe ExtendScript Toolkit CS5.lnk
[2011.04.15 17:29:49 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Help.lnk
[2011.04.15 16:20:40 | 000,001,096 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Live ID.lnk
[2011.04.15 01:37:17 | 000,000,816 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\MyPhoneExplorer.lnk
[2011.04.14 19:22:17 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Sony Ericsson PC Companion 2.0.lnk
[2011.04.14 16:10:39 | 000,000,007 | ---- | C] () -- C:\WINDOWS\treeskp.sys
[2011.04.14 16:10:39 | 000,000,007 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2011.04.14 03:14:34 | 000,253,112 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.04.14 03:14:29 | 000,253,104 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.04.14 03:14:29 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.04.14 03:14:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2011.04.14 03:14:01 | 000,003,630 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2011.04.13 18:06:22 | 000,000,621 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Plocha\Photoshop CS2.lnk
[2011.04.12 17:00:43 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ICQ.lnk
[2011.04.12 16:57:04 | 000,002,283 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.04.12 16:55:22 | 031,418,880 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Dokumenty\lol.avi
[2011.04.12 16:22:17 | 000,001,509 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
[2011.04.12 16:22:17 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2011.04.12 16:01:46 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Plocha\Internet Explorer.lnk
[2011.04.11 20:32:16 | 000,054,455 | ---- | C] () -- C:\WINDOWS\System32\kywiyxyslvhjvvr.exe
[2011.04.11 00:15:33 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Plocha\NFS U2.lnk
[2011.04.09 21:56:20 | 000,000,538 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mp3tag.lnk
[2011.03.29 23:14:05 | 000,000,601 | ---- | C] () -- C:\WINDOWS\hpomdl47.dat
[2011.03.28 23:52:36 | 000,180,795 | ---- | C] () -- C:\WINDOWS\hpoins47.dat
[2011.03.21 21:30:58 | 000,216,040 | ---- | C] () -- C:\WINDOWS\hpoins47.dat.temp
[2011.03.21 21:30:58 | 000,000,601 | ---- | C] () -- C:\WINDOWS\hpomdl47.dat.temp
[2011.03.21 18:51:05 | 000,008,434 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Data aplikací\34DE.489
[2010.01.30 14:36:44 | 000,000,455 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.01.05 12:12:41 | 000,000,039 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009.12.23 13:21:37 | 000,001,726 | ---- | C] () -- C:\WINDOWS\ndinst.exe
[2009.12.14 18:43:22 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo.dll
[2009.12.14 16:54:06 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.12.11 15:08:46 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.12.08 16:06:27 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009.12.08 16:06:27 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2009.12.08 16:06:27 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009.12.08 16:06:27 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009.11.11 17:32:11 | 000,000,103 | ---- | C] () -- C:\WINDOWS\pro.INI
[2009.10.25 21:16:21 | 000,002,434 | ---- | C] () -- C:\WINDOWS\d.ini
[2009.10.10 19:38:55 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.09.29 17:10:10 | 000,000,003 | ---- | C] () -- C:\Program Files\Common Files\time.cv
[2009.09.27 16:12:22 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009.09.24 18:52:00 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2009.09.16 21:41:14 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2009.09.16 19:06:51 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009.07.05 22:56:30 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009.06.26 19:38:39 | 000,000,183 | ---- | C] () -- C:\WINDOWS\aimpr.ini
[2009.05.13 15:31:20 | 000,001,498 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2009.04.03 15:46:08 | 000,000,049 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2009.03.11 13:10:03 | 000,000,163 | ---- | C] () -- C:\WINDOWS\fre.INI
[2009.03.11 11:18:24 | 000,000,079 | ---- | C] () -- C:\WINDOWS\pdf2text.INI
[2009.03.07 17:01:53 | 000,000,124 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2009.01.10 20:52:31 | 000,000,073 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2008.12.22 11:48:32 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.12.22 11:38:44 | 000,374,272 | ---- | C] () -- C:\WINDOWS\System32\mss32.dll
[2008.12.22 10:32:48 | 000,374,272 | ---- | C] () -- C:\WINDOWS\mss32.dll
[2008.12.03 22:08:39 | 000,122,980 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Data aplikací\NMM-MetaData.db
[2008.11.21 23:47:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.10.20 07:18:28 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008.10.20 07:18:20 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.10.20 07:18:12 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.09.25 15:07:10 | 000,000,211 | ---- | C] () -- C:\WINDOWS\POD.INI
[2008.09.25 15:06:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2008.09.12 14:04:33 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Data aplikací\vso_ts_preview.xml
[2008.09.12 14:04:04 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Data aplikací\inst.exe
[2008.09.02 22:08:02 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Data aplikací\ezpinst.exe
[2008.09.02 22:08:02 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Data aplikací\pcouffin.cat
[2008.09.02 22:08:02 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Data aplikací\pcouffin.inf
[2008.09.02 13:04:34 | 000,118,784 | ---- | C] () -- C:\WINDOWS\GREUninstall.exe
[2008.08.06 23:56:54 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\RgsdData.dat
[2008.08.06 23:56:54 | 000,000,016 | ---- | C] () -- C:\WINDOWS\odbctrp.ini
[2008.06.22 10:42:54 | 000,231,936 | ---- | C] () -- C:\WINDOWS\System32\Robbie.dll
[2008.04.16 17:56:17 | 000,000,217 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2008.04.12 23:10:27 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2008.03.03 12:04:07 | 000,000,045 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2008.01.21 10:57:58 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2008.01.21 10:39:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2008.01.03 14:42:04 | 000,000,088 | ---- | C] () -- C:\WINDOWS\STXKBD32.INI
[2008.01.03 14:41:25 | 000,000,028 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2008.01.03 14:39:18 | 000,005,299 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.01.03 14:39:03 | 000,002,636 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2007.10.12 12:00:44 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007.10.12 11:59:43 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2007.09.12 20:39:15 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\pwlshell.dll
[2007.08.29 00:21:15 | 000,000,262 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat
[2007.08.27 14:22:01 | 000,176,128 | ---- | C] () -- C:\WINDOWS\Block_VAC.exe
[2007.08.14 14:48:22 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.07.07 14:40:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\dummy.dat
[2007.07.07 12:22:53 | 000,003,163 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007.07.06 19:16:56 | 000,003,855 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2007.06.27 17:14:15 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007.06.17 16:16:44 | 000,065,024 | ---- | C] () -- C:\Documents and Settings\PATOWIST\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.06.13 07:34:30 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe
[2007.06.13 07:09:09 | 000,009,724 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.06.12 17:34:24 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007.06.12 16:17:08 | 000,134,911 | ---- | C] () -- C:\WINDOWS\HPHins12.dat
[2007.06.12 16:17:08 | 000,014,916 | ---- | C] () -- C:\WINDOWS\hphmdl12.dat
[2007.05.06 16:58:14 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.05.06 16:36:41 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.05.06 16:35:26 | 003,613,616 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.05.06 16:10:40 | 000,000,382 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.05.06 15:10:50 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.05.06 15:10:50 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007.05.06 14:49:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.05.06 14:44:20 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.06.01 11:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.06.01 11:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.03.19 13:34:58 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\SerialCE.dll
[2006.03.19 13:34:42 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\SerialXP.dll
[2006.01.16 08:59:18 | 000,393,216 | ---- | C] () -- C:\WINDOWS\System32\rzvqse.dll
[2005.12.22 20:23:08 | 000,816,640 | RHS- | C] () -- C:\WINDOWS\System32\smab.dll
[2005.12.07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005.10.24 11:13:58 | 000,066,560 | RHS- | C] () -- C:\WINDOWS\MOTA113.exe
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.13 21:27:00 | 000,422,400 | RHS- | C] () -- C:\WINDOWS\x2.64.exe
[2005.09.02 15:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005.07.22 22:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2005.07.14 12:31:20 | 000,027,648 | RHS- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2005.06.21 22:37:42 | 000,045,568 | RHS- | C] () -- C:\WINDOWS\System32\cygz.dll
[2005.05.13 17:12:00 | 000,217,073 | RHS- | C] () -- C:\WINDOWS\meta4.exe
[2005.02.28 13:16:22 | 000,240,128 | RHS- | C] () -- C:\WINDOWS\System32\x.264.exe
[2004.08.22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004.08.17 17:58:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004.08.02 16:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.07.20 18:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004.01.15 15:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2002.09.18 00:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2001.10.25 18:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 18:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 18:00:00 | 000,465,472 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 18:00:00 | 000,460,834 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 18:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 18:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 18:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 18:00:00 | 000,094,126 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 18:00:00 | 000,080,496 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 18:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 18:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 18:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 18:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 18:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.01.12 11:52:26 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\vbpng1.dll
[2001.01.12 11:49:38 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

========== LOP Check ==========

[2010.01.28 20:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2011.04.14 15:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avanquest
[2011.04.27 20:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2009.09.16 20:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Boss Media
[2011.04.14 15:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2009.11.29 22:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Codemasters
[2011.04.11 15:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DriverScanner
[2008.12.29 15:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FlashFXP
[2009.06.26 18:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.08.09 19:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2007.09.01 17:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2008.03.12 20:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2008.05.09 17:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Oberon Games
[2008.12.14 20:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.04.15 17:41:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2009.12.08 16:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
[2008.12.14 15:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SRSLabs
[2010.04.28 22:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.10.01 18:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\The Skins Factory
[2009.10.05 20:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TrackMania
[2011.03.29 21:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.04.26 09:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2011.03.28 19:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Web Page Maker
[2011.03.29 21:21:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2009.09.28 21:52:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
[2009.09.16 22:03:47 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2011.01.08 21:11:02 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011.04.11 14:56:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
[2011.04.17 23:55:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2011.04.08 19:28:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Data aplikací\TuneUp Software
[2010.01.28 20:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Acronis
[2011.04.27 21:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\advantage
[2009.01.02 21:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Aleo Software
[2007.07.06 18:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Ashampoo
[2009.02.12 15:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Azureus
[2008.01.26 21:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Cashfiesta
[2011.04.14 01:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Chirurgie Simulation
[2009.01.05 10:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\DAEMON Tools
[2008.01.08 15:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Datalayer
[2011.02.18 01:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\DDMSettings
[2009.03.25 16:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Desktop Sidebar
[2009.09.17 15:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\esmska
[2011.03.21 01:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Faces
[2009.10.13 15:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\FileZilla
[2008.12.29 15:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\FlashFXP
[2008.11.30 00:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\fltk.org
[2008.06.10 15:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\FreeCall
[2009.01.20 21:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\HTNetMeter
[2011.04.17 23:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\ICQ
[2007.10.29 16:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\ICQ Toolbar
[2009.03.11 11:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\InfoTurist
[2007.08.06 09:52:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\InterVideo
[2010.01.30 14:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Juce VST Host
[2007.09.01 17:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\LangSoft
[2011.04.18 00:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Mikrotik
[2011.04.09 22:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Mp3tag
[2011.04.15 02:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\MyPhoneExplorer
[2008.12.03 22:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Nokia
[2009.06.01 16:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Nokia Multimedia Player
[2008.01.03 15:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Nvu
[2008.09.02 12:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Opera
[2009.05.17 21:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\PC Suite
[2008.10.05 20:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Publish Providers
[2009.09.05 15:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\QIP
[2009.12.08 21:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Simply Super Software
[2007.12.14 17:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Smart PC Solutions
[2011.03.15 21:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Sony
[2008.04.12 23:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\The Complete Genealogy Reporter - FTB
[2009.09.24 16:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Thinstall
[2009.12.26 11:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Thunderbird
[2007.06.21 16:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Top Systems
[2008.01.23 23:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Toshiba
[2011.05.02 19:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\TS3Client
[2011.04.12 20:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\TuneUp Software
[2008.03.18 22:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\TV JOJ Media Player
[2009.04.26 09:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Ulead Systems
[2011.04.11 18:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Uniblue
[2011.05.03 01:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\uTorrent
[2008.01.23 12:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Voipwise
[2010.05.10 22:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Vso
[2009.07.28 10:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Web Page Maker
[2009.01.31 11:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\WebCompiler3
[2010.12.21 17:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\X-Chat 2
[2009.05.12 18:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\XCPCSync.OEM
[2011.05.03 15:07:28 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.05.02 17:15:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\Úklid 1 kliknutím.job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 17:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Sony Ericsson PC Companion" = "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background -- [2011.02.28 16:15:30 | 000,427,008 | ---- | M] (Sony Ericsson)

< c:\windows\*.* /U >
[6 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.01.28 20:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Acronis
[2011.04.15 17:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Adobe
[2007.07.10 11:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\AdobeUM
[2011.04.27 21:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\advantage
[2007.11.27 16:14:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Ahead
[2009.01.02 21:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Aleo Software
[2007.07.27 20:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Apple Computer
[2007.07.06 18:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Ashampoo
[2009.02.12 15:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Azureus
[2008.01.26 21:01:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Cashfiesta
[2011.04.14 01:02:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Chirurgie Simulation
[2009.01.05 10:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\DAEMON Tools
[2008.01.08 15:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Datalayer
[2011.02.18 01:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\DDMSettings
[2009.03.25 16:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Desktop Sidebar
[2011.03.08 22:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\DivX
[2009.09.17 15:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\esmska
[2011.03.21 01:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Faces
[2009.10.13 15:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\FileZilla
[2008.12.29 15:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\FlashFXP
[2008.11.30 00:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\fltk.org
[2008.06.10 15:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\FreeCall
[2007.11.20 17:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Google
[2008.09.15 15:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Hamachi
[2007.10.27 14:40:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Help
[2011.03.22 00:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\HP
[2011.04.15 16:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\HpUpdate
[2009.01.20 21:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\HTNetMeter
[2011.04.17 23:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\ICQ
[2007.10.29 16:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\ICQ Toolbar
[2007.06.14 15:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Identities
[2008.01.26 22:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\IDMComp
[2009.03.11 11:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\InfoTurist
[2009.12.25 10:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\InstallShield
[2007.08.06 09:52:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\InterVideo
[2010.01.30 14:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Juce VST Host
[2007.09.01 17:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\LangSoft
[2007.08.01 19:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Lavasoft
[2010.01.30 14:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Macromedia
[2009.08.02 14:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Malwarebytes
[2008.10.20 07:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Media Player Classic
[2011.04.27 21:50:33 | 000,000,000 | --SD | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Microsoft
[2011.04.18 00:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Mikrotik
[2009.01.19 18:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\mIRC
[2011.03.20 20:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Mozilla
[2011.04.09 22:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Mp3tag
[2011.04.15 02:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\MyPhoneExplorer
[2009.07.27 20:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Nero
[2007.08.02 11:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\NeroVision
[2008.12.03 22:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Nokia
[2009.06.01 16:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Nokia Multimedia Player
[2008.01.03 15:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Nvu
[2008.09.02 12:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Opera
[2009.05.17 21:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\PC Suite
[2008.10.05 20:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Publish Providers
[2009.09.05 15:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\QIP
[2008.10.30 21:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Real
[2009.12.08 21:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Simply Super Software
[2011.05.02 21:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Skype
[2011.05.01 22:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\skypePM
[2007.12.14 17:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Smart PC Solutions
[2009.07.30 12:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\SmartFTP
[2011.03.15 21:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Sony
[2007.06.25 18:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Sun
[2008.09.13 19:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\teamspeak2
[2008.04.12 23:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\The Complete Genealogy Reporter - FTB
[2009.09.24 16:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Thinstall
[2009.12.26 11:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Thunderbird
[2007.06.21 16:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Top Systems
[2008.01.23 23:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Toshiba
[2011.05.02 19:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\TS3Client
[2011.04.12 20:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\TuneUp Software
[2008.03.18 22:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\TV JOJ Media Player
[2009.04.26 09:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Ulead Systems
[2011.04.11 18:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Uniblue
[2011.05.03 01:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\uTorrent
[2008.07.17 10:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Ventrilo
[2008.01.23 12:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Voipwise
[2010.05.10 22:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Vso
[2009.07.28 10:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\Web Page Maker
[2009.01.31 11:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\WebCompiler3
[2008.12.14 13:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\WinRAR
[2010.12.21 17:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\X-Chat 2
[2009.05.12 18:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PATOWIST\Data aplikací\XCPCSync.OEM

< %APPDATA%\*.exe /s >
[2008.09.12 14:09:50 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Data aplikací\ezpinst.exe
[2009.10.17 14:06:41 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\PATOWIST\Data aplikací\inst.exe
[2011.04.29 01:32:32 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\PATOWIST\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2009.07.24 10:11:41 | 001,878,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\PATOWIST\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2010.12.27 16:02:28 | 003,761,072 | ---- | M] (Simply Super Software) -- C:\Documents and Settings\PATOWIST\Data aplikací\Simply Super Software\Trojan Remover\nog46.exe

< MD5 for: AGP440.SYS >
[2004.08.17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 17:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 17:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.17 17:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 17:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.04 00:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2001.10.25 18:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 17:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 17:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.04 01:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.04 01:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 17:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 17:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 17:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 17:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 17:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 17:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2004.08.17 17:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 17:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 17:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 17:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 17:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 17:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 17:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 17:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.03.10 08:17:40 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\vbscript.dll
[13 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.01.05 10:32:07 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2007.05.06 16:34:44 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007.05.06 16:34:44 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007.05.06 16:34:44 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2010.03.10 08:17:40 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\vbscript.dll
[13 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.05.01 19:11:47 | 000,002,228 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[13 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 401 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:9D1B94FD
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:ECF54A0E
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:7204B89D
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:2B19EBF3
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:10D98D98

< End of report >

Re: Motji: Please check my log

Posted: 03 May 2011 18:10
by motji
Before I work my way through it, have this file checked at www.virustotal.com:
C:\PhysicalMBR.bin

Re: Motji: Please check my log

Posted: 03 May 2011 18:45
by PATWIST
I don't have a file like that there :oops: After that scan it was showing me hidden files and folders, so I probably deleted it. But I'm running the scan again.

Re: Motji: Please check my log

Posted: 03 May 2011 18:59
by motji
Good grief, whatever you do, don't delete anything, or you'll delete system files and can go straight to reinstalling :roll:

Re: Motji: Please check my log

Posted: 03 May 2011 19:43
by PATWIST
Nothing was found in the PhysicalMBR.bin file. This file is created when a scan is started in OTL.

LOG FROM VIRUSTOTAL

PhysicalMBR.bin
Submission date: 2011-05-03 18:40:20 (UTC)
Current status: queued (#37) queued analysing finished
Result: 0/42 (0.0%)

Antivirus Version Last Update Result
AhnLab-V3 2011.05.04.00 2011.05.03 -
AntiVir 7.11.7.124 2011.05.03 -
Antiy-AVL 2.0.3.7 2011.05.03 -
Avast 4.8.1351.0 2011.05.03 -
Avast5 5.0.677.0 2011.05.03 -
AVG 10.0.0.1190 2011.05.03 -
BitDefender 7.2 2011.05.03 -
CAT-QuickHeal 11.00 2011.05.03 -
ClamAV 0.97.0.0 2011.05.03 -
Commtouch 5.3.2.6 2011.05.03 -
Comodo 8569 2011.05.03 -
DrWeb 5.0.2.03300 2011.05.03 -
Emsisoft 5.1.0.5 2011.05.03 -
eSafe 7.0.17.0 2011.05.02 -
eTrust-Vet 36.1.8304 2011.05.03 -
F-Prot 4.6.2.117 2011.05.02 -
F-Secure 9.0.16440.0 2011.05.03 -
Fortinet 4.2.257.0 2011.05.03 -
GData 22 2011.05.03 -
Ikarus T3.1.1.103.0 2011.05.03 -
Jiangmin 13.0.900 2011.05.03 -
K7AntiVirus 9.99.4552 2011.05.03 -
Kaspersky 9.0.0.837 2011.05.03 -
McAfee 5.400.0.1158 2011.05.03 -
McAfee-GW-Edition 2010.1D 2011.05.03 -
Microsoft 1.6802 2011.05.03 -
NOD32 6092 2011.05.03 -
Norman 6.07.07 2011.05.03 -
Panda 10.0.3.5 2011.05.03 -
PCTools 7.0.3.5 2011.05.03 -
Prevx 3.0 2011.05.03 -
Rising 23.56.01.06 2011.05.03 -
Sophos 4.64.0 2011.05.03 -
SUPERAntiSpyware 4.40.0.1006 2011.05.03 -
Symantec 20101.3.2.89 2011.05.03 -
TheHacker 6.7.0.1.187 2011.05.03 -
TrendMicro 9.200.0.1012 2011.05.03 -
TrendMicro-HouseCall 9.200.0.1012 2011.05.03 -
VBA32 3.12.16.0 2011.05.02 -
VIPRE 9188 2011.05.03 -
ViRobot 2011.5.3.4443 2011.05.03 -
VirusBuster 13.6.334.0 2011.05.03 -

Re: Motji: Please check my log

Posted: 03 May 2011 20:19
by motji
Yes, exactly, I had OTL create that one :D

:arrow: Run OTL
- copy this script into the white box at the bottom:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
SRV - File not found [Disabled | Stopped] -- -- (Abel)
SRV - File not found [Auto | Stopped] -- -- (36820)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-220523388-776561741-839522115-1005..\RunOnce: [Shockwave Updater] File not found
@Alternate Data Stream - 401 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 160 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:9D1B94FD
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:ECF54A0E
@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:7204B89D
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:2B19EBF3
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:10D98D98

:files
C:\WINDOWS\meta4.exe
C:\WINDOWS\System32\x.264.exe
C:\WINDOWS\x2.64.exe
C:\WINDOWS\MOTA113.exe
C:\WINDOWS\System32\rzvqse.dll
C:\Documents and Settings\PATOWIST\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\System32\ezsidmv.dat
C:\Documents and Settings\PATOWIST\Data aplikací\inst.exe
C:\Documents and Settings\PATOWIST\Data aplikací\ezpinst.exe
C:\Documents and Settings\PATOWIST\Data aplikací\34DE.489
C:\WINDOWS\System32\kywiyxyslvhjvvr.exe
C:\WINDOWS\jqkx_m24.ini
C:\WINDOWS\cgxz-kn16.ini
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

- click the fix button.
- The PC will then restart.
- Post the log here :)

Re: Motji: Please check my log

Posted: 03 May 2011 20:24
by PATWIST
In the meantime I found a ComboFix guide on the internet, so I decided to try once more to rename ComboFix.exe to nieco.com, and it worked! :) Because back then I was renaming it to nieco.com.exe and now to nieco.com. (And yes, I have already read about OTL and the PhysicalMBR.bin file on a similar forum.)

LOG FROM COMBOFIX:

ComboFix 11-05-02.04 - PATOWIST . 05. 2011 21:04:58.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.468 [GMT 2:00]
Spuštěný z: c:\documents and settings\PATOWIST\Plocha\zabijak.com
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Data aplikací\hpe1596.dll
c:\documents and settings\All Users\Data aplikací\hpe163D.dll
c:\documents and settings\PATOWIST\Data aplikací\AdVantage
c:\documents and settings\PATOWIST\Data aplikací\Faces
c:\documents and settings\PATOWIST\Data aplikací\Faces\Faces.prf
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\advtool.crc
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\advtool.dll
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\dhcp.crc
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\dhcp.dll
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\hotspot.crc
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\hotspot.dll
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\mpls.crc
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\mpls.dll
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\ppp.crc
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\ppp.dll
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\roteros.crc
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\roteros.dll
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\roting4.crc
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\roting4.dll
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\secure.crc
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\secure.dll
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\system.crc
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\system.dll
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\wlan4.crc
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\4.17-3645232678\wlan4.dll
c:\documents and settings\PATOWIST\Data aplikací\Mikrotik\Winbox\winbox.cfg
c:\documents and settings\PATOWIST\Local Settings\Temporary Internet Files\10506bbe
c:\documents and settings\PATOWIST\Local Settings\Temporary Internet Files\8889633f
c:\documents and settings\PATOWIST\WINDOWS
c:\program files\Common Files\bssrepp
c:\program files\Common Files\bssrepp\keylog.txt
c:\program files\Common Files\time.cv
c:\windows\d.ini
c:\windows\daemon.dll
c:\windows\ST6UNST.000
c:\windows\system32\drivers\etc\hosts1
c:\windows\system32\Ijl11.dll
c:\windows\system32\Thumbs.db
c:\windows\system32\tmp.tmp
c:\windows\system32\vbpng1.dll
c:\windows\Web\ddid
c:\windows\Web\ddnm
c:\windows\Web\ddsn
c:\windows\Web\result.dark
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ABEL
-------\Legacy_NPF
-------\Legacy_XPROTECTOR
-------\Service_Abel
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-03 do 2011-05-03 )))))))))))))))))))))))))))))))
.
.
2011-05-03 17:45 . 2011-05-03 18:41 512 ----a-w- C:\PhysicalMBR.bin
2011-05-02 17:47 . 2011-05-02 17:48 -------- d-----w- c:\documents and settings\PATOWIST\Data aplikací\TS3Client
2011-04-27 18:58 . 2011-04-18 17:17 307288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-27 18:58 . 2011-04-18 17:12 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-27 18:58 . 2011-04-18 17:17 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-27 18:58 . 2011-04-18 17:16 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-27 18:58 . 2011-04-18 17:13 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-27 18:58 . 2011-04-18 17:16 102488 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-27 18:58 . 2011-04-18 17:16 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-27 18:58 . 2011-04-18 17:13 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-27 18:57 . 2011-04-18 17:25 40112 ----a-w- c:\windows\avastSS.scr
2011-04-27 18:57 . 2011-04-18 17:25 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-04-27 18:56 . 2011-04-27 18:56 -------- d-----w- c:\program files\AVAST Software
2011-04-27 18:56 . 2011-04-27 18:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-04-17 23:11 . 2011-04-17 23:11 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-04-17 21:59 . 2011-04-17 21:59 -------- d-----w- c:\documents and settings\PATOWIST\Local Settings\Data aplikací\Sunbelt Software
2011-04-17 21:55 . 2011-04-17 21:55 -------- dc-h--w- c:\documents and settings\All Users\Data aplikací\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2011-04-17 01:43 . 2011-04-27 19:37 -------- d-sh--r- c:\windows\system32\rpcnetp
2011-04-15 15:41 . 2011-04-15 15:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\regid.1986-12.com.adobe
2011-04-15 15:33 . 2011-04-15 15:33 -------- d-----w- c:\program files\Adobe Media Player
2011-04-15 14:19 . 2011-04-15 14:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\HP Product Assistant
2011-04-15 14:16 . 2011-04-15 14:20 -------- d-----w- c:\program files\HP
2011-04-14 23:37 . 2011-04-15 00:08 -------- d-----w- c:\documents and settings\PATOWIST\Data aplikací\MyPhoneExplorer
2011-04-14 15:34 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-04-14 15:34 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-04-14 15:34 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-04-14 15:34 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-04-14 15:30 . 2011-04-14 15:30 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-14 15:30 . 2011-04-14 15:30 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-04-14 15:30 . 2011-04-14 15:30 -------- d-----w- c:\program files\OpenAL
2011-04-14 14:10 . 2011-04-15 15:11 7 ----a-w- c:\windows\treeskp.sys
2011-04-14 14:10 . 2011-04-15 15:11 7 ----a-w- c:\windows\sbacknt.bin
2011-04-14 13:10 . 2011-04-14 13:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Avanquest
2011-04-14 13:10 . 2011-04-14 13:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\BVRP Software
2011-04-14 01:14 . 2011-04-17 12:55 253112 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-04-14 01:14 . 2011-04-17 12:55 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-04-14 01:14 . 2011-04-17 12:55 253104 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-04-14 01:14 . 2011-01-08 03:27 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-04-14 01:14 . 2011-01-08 03:27 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-04-14 01:14 . 2011-01-08 03:27 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-14 01:14 . 2011-01-08 03:27 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-04-13 23:02 . 2011-04-13 23:02 -------- d-----w- c:\documents and settings\PATOWIST\Data aplikací\Chirurgie Simulation
2011-04-13 10:20 . 2011-03-16 13:34 2634240 ----a-w- c:\program files\Mozilla Firefox\extensions\{12d2b889-7ccb-0af6-4126-806f13689ed0}\components\71460a96.dll
2011-04-12 15:06 . 2011-04-17 16:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype Extras
2011-04-12 14:57 . 2011-04-12 14:57 -------- d-----w- c:\program files\Common Files\Skype
2011-04-12 14:56 . 2011-04-12 14:57 -------- d-----r- c:\program files\Skype
2011-04-12 14:44 . 2011-04-17 21:12 -------- d-----w- c:\documents and settings\PATOWIST\Data aplikací\ICQ
2011-04-12 14:44 . 2011-04-12 15:29 -------- d-----w- c:\program files\ICQ7.4
2011-04-12 14:22 . 2011-04-12 14:22 -------- d-----w- c:\program files\Opera
2011-04-11 18:32 . 2011-04-11 18:34 54455 ----a-w- c:\windows\system32\kywiyxyslvhjvvr.exe
2011-04-11 13:03 . 2011-04-11 13:03 -------- d-----w- c:\documents and settings\All Users\Uniblue
2011-04-11 10:27 . 2011-04-11 10:27 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Hagel Technologies
2011-04-10 20:50 . 2011-04-10 23:12 -------- d-----w- c:\documents and settings\PATOWIST\Local Settings\Data aplikací\NFS Underground 2
2011-04-10 19:44 . 2011-04-10 19:44 -------- d-----w- c:\documents and settings\PATOWIST\Local Settings\Data aplikací\Electronic_Arts_Inc
2011-04-10 18:57 . 2011-02-02 19:40 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-04-10 18:57 . 2011-02-02 19:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-09 20:41 . 2011-04-09 20:49 -------- d-----w- c:\documents and settings\PATOWIST\Data aplikací\Mp3tag
2011-04-08 17:28 . 2011-04-08 17:28 -------- d-----w- c:\documents and settings\NetworkService\Data aplikací\TuneUp Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-17 23:11 . 2009-09-16 17:06 15880 ----a-w- c:\windows\system32\lsdelete.exe
2011-03-26 14:09 . 2011-03-26 14:09 1409 ----a-w- c:\windows\QTFont.for
2011-03-24 17:55 . 2011-03-24 17:55 14336 ----a-w- c:\windows\system32\qeykvoic¨.exe
2011-03-04 15:32 . 2011-03-29 19:24 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-03-04 15:28 . 2011-03-29 19:24 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-02-17 17:06 . 2011-03-22 21:01 160560 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-02-17 17:06 . 2011-03-22 21:00 44784 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-02-17 17:06 . 2011-02-17 17:06 122032 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-02-17 17:06 . 2011-02-17 17:06 135472 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2005-05-13 15:12 217073 --sha-r- c:\windows\meta4.exe
2005-10-24 09:13 66560 --sha-r- c:\windows\MOTA113.exe
2005-10-13 19:27 422400 --sha-r- c:\windows\x2.64.exe
2005-10-07 17:14 308224 --sha-r- c:\windows\system32\avisynth.dll
2005-07-14 10:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
2005-06-26 13:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
2005-06-21 20:37 45568 --sha-r- c:\windows\system32\cygz.dll
2005-12-22 18:23 816640 --sha-r- c:\windows\system32\smab.dll
2005-02-28 11:16 240128 --sha-r- c:\windows\system32\x.264.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-04-18 17:25 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony Ericsson PC Companion"="c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-02-28 427008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-04 16120832]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2011-04-17 928496]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-04-18 3460784]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
"Nokia.PCSync"="d:\programy\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 11 (0xb)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RAinit]
2008-07-03 13:12 58704 ----a-w- c:\windows\system32\RAinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-12-15 20:07 1242448 ----a-w- d:\programy\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"mnmsrvc"=3 (0x3)
"Abel"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Steam"=d:\programy\Steam\steam.exe
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" silent loginmode=4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /install
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"VMonitorVMUVC"="c:\program files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
"sdodcoectjloen"=c:\windows\System32\regsvr32.exe /s "c:\windows\system32\bjdooocacko.dll"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SwitchBoard"=c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"qeykvoic¨"=c:\windows\System32\qeykvoic¨.exe
"PCSuiteTrayApplication"=d:\programy\Nokia PC Suite\Nokia PC Suite 6\LaunchApplication.exe -startup
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Programy\\Steam\\steamapps\\patwist\\condition zero\\hl.exe"=
"d:\\Programy\\Steam\\Steam.exe"=
"d:\\Programy\\Steam\\steamapps\\patwist\\dedicated server\\hlds.exe"=
"d:\\Programy\\Steam\\steamapps\\patwist\\dedicated server\\hltv.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Java\\jre1.6.0_01\\launch4j-tmp\\JDownloader.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"d:\\Programy\\totalcmd\\TOTALCMD.EXE"=
"d:\\Games\\Counter Strike 1.6 Non Steam\\hl.exe"=
"d:\\Games\\Counter Strike 1.6 Non Steam\\hlds.exe"=
"d:\\Games\\Counter Strike 1.6 Non Steam\\cstrike.exe"=
"d:\\Games\\stahujem\\OTHERS\\HTML\\Prizee\\Prizee Offline\\serwer_prizee.exe"=
"d:\\Games\\stahujem\\OTHERS\\HTML\\Prizee\\Prizee Offline\\http_prizee.exe"=
"d:\\Games\\Counter Strike 1.6 Non Steam\\hltv.exe"=
"d:\\Programy\\uTorrent\\utorrent.exe"=
"d:\\Programy\\Phone Remote Control\\PhoneRemoteControl.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"d:\\Games\\stahujem\\hack\\Ovladanie PC\\Net Control\\Osa9.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"=
"d:\\Programy\\Unified Remote\\UnifiedRemoteServer.exe"=
"d:\\Games\\stahujem\\hack\\realhack\\aa\\DoS attack by marsmela - posterus.cz DOWN programs\\SuperScan.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Programy\\MyPhoneExplorer\\MyPhoneExplorer.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"d:\\Games\\stahujem\\Software\\Tlaciaren\\setup\\hpznui01.exe"=
"d:\\Programy\\Steam\\steamapps\\patwist\\counter-strike\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"1620:TCP"= 1620:TCP:Services
"1740:TCP"= 1740:TCP:Services
"7507:TCP"= 7507:TCP:Services
"6180:TCP"= 6180:TCP:Services
"9524:TCP"= 9524:TCP:Services
"4821:TCP"= 4821:TCP:Services
"3885:TCP"= 3885:TCP:Services
"8368:TCP"= 8368:TCP:Services
"5054:TCP"= 5054:TCP:Services
"9870:TCP"= 9870:TCP:Services
"2492:TCP"= 2492:TCP:Services
"1964:TCP"= 1964:TCP:Services
"7462:TCP"= 7462:TCP:Services
"3135:TCP"= 3135:TCP:Services
"7758:TCP"= 7758:TCP:Services
"3703:TCP"= 3703:TCP:Services
"8242:TCP"= 8242:TCP:Services
"3337:TCP"= 3337:TCP:Services
"3368:TCP"= 3368:TCP:Services
"3290:TCP"= 3290:TCP:Services
"1571:TCP"= 1571:TCP:Services
"8741:TCP"= 8741:TCP:Services
"6975:TCP"= 6975:TCP:Services
"5164:TCP"= 5164:TCP:Services
"1695:TCP"= 1695:TCP:Services
"9164:TCP"= 9164:TCP:Services
"2775:TCP"= 2775:TCP:Services
"6102:TCP"= 6102:TCP:Services
"7759:TCP"= 7759:TCP:Services
"5214:TCP"= 5214:TCP:Services
"1509:TCP"= 1509:TCP:Services
"5665:TCP"= 5665:TCP:Services
"9522:TCP"= 9522:TCP:Services
"1821:TCP"= 1821:TCP:Services
"4602:TCP"= 4602:TCP:Services
"6257:TCP"= 6257:TCP:Services
"9366:TCP"= 9366:TCP:Services
"5179:TCP"= 5179:TCP:Services
"3022:TCP"= 3022:TCP:Services
"4257:TCP"= 4257:TCP:Services
"2523:TCP"= 2523:TCP:Services
"6100:TCP"= 6100:TCP:Services
"2726:TCP"= 2726:TCP:Services
"8574:TCP"= 8574:TCP:Services
"6507:TCP"= 6507:TCP:Services
"5928:TCP"= 5928:TCP:Services
"2727:TCP"= 2727:TCP:Services
"6867:TCP"= 6867:TCP:Services
"2711:TCP"= 2711:TCP:Services
"6757:TCP"= 6757:TCP:Services
"1587:TCP"= 1587:TCP:Services
"2759:TCP"= 2759:TCP:Services
"8883:TCP"= 8883:TCP:Services
"2977:TCP"= 2977:TCP:Services
"3664:TCP"= 3664:TCP:Services
"3242:TCP"= 3242:TCP:Services
"6960:TCP"= 6960:TCP:Services
"2854:TCP"= 2854:TCP:Services
"1961:TCP"= 1961:TCP:Services
"6648:TCP"= 6648:TCP:Services
"7882:TCP"= 7882:TCP:Services
"7883:TCP"= 7883:TCP:Services
"9350:TCP"= 9350:TCP:Services
"5367:TCP"= 5367:TCP:Services
"4194:TCP"= 4194:TCP:Services
"3820:TCP"= 3820:TCP:Services
"1851:TCP"= 1851:TCP:Services
"5679:TCP"= 5679:TCP:Services
"6273:TCP"= 6273:TCP:Services
"4883:TCP"= 4883:TCP:Services
"4350:TCP"= 4350:TCP:Services
"8444:TCP"= 8444:TCP:Services
"9257:TCP"= 9257:TCP:Services
"3663:TCP"= 3663:TCP:Services
"5897:TCP"= 5897:TCP:Services
"2803:TCP"= 2803:TCP:Services
"6429:TCP"= 6429:TCP:Services
"4289:TCP"= 4289:TCP:Services
"2476:TCP"= 2476:TCP:Services
"4617:TCP"= 4617:TCP:Services
"7414:TCP"= 7414:TCP:Services
"9225:TCP"= 9225:TCP:Services
"4961:TCP"= 4961:TCP:Services
"6850:TCP"= 6850:TCP:Services
"6886:TCP"= 6886:TCP:Services
"2430:TCP"= 2430:TCP:Services
"9319:TCP"= 9319:TCP:Services
"3444:TCP"= 3444:TCP:Services
"2960:TCP"= 2960:TCP:Services
"4398:TCP"= 4398:TCP:Services
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [16. 9. 2009 16:43 64288]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5. 1. 2009 10:32 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [27. 4. 2011 20:58 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27. 4. 2011 20:58 307288]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27. 4. 2011 20:58 19544]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12. 8. 2010 14:15 1378040]
R2 RARfsDriver;RemotelyAnywhere Remote File System Driver;c:\windows\system32\drivers\RARfsDriver.sys [8. 10. 2008 23:07 46000]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [4. 3. 2011 17:30 1523008]
R3 ramirr;ramirr;c:\windows\system32\drivers\ramirr.sys [17. 4. 2007 14:00 10168]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [17. 2. 2011 19:06 122032]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [21. 12. 2010 23:58 256512]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [21. 12. 2010 23:58 398720]
R3 xcpip;Ovladač protokolu TCP/IP;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]
R3 xpsec;Ovladač IPSEC;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]
S0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [27. 10. 2007 12:18 155136]
S0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [27. 10. 2007 12:18 5248]
S2 36820;IpSectPro service new;c:\windows\system\418710.exe --> c:\windows\system\418710.exe [?]
S2 gupdate1c9feeb4d770e2c;Služba Google Update (gupdate1c9feeb4d770e2c);c:\program files\Google\Update\GoogleUpdate.exe [2. 2. 2011 21:23 136176]
S2 NetControl2.AdminHelper;Net Control 2 Administrator. Helper Service.;d:\programy\Hack\Net Control 2\ahs.exe --> d:\programy\Hack\Net Control 2\ahs.exe [?]
S2 RAInfo;RemotelyAnywhere Kernel Information Provider;\??\d:\programy\RemotelyAnywhere\x86\RaInfo.sys --> d:\programy\RemotelyAnywhere\x86\RaInfo.sys [?]
S3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\drivers\BTCamDrv.sys [26. 1. 2008 0:25 219264]
S3 cpuz;cpuz;\??\c:\docume~1\patwistt\LOCALS~1\Temp\cpuz.sys --> c:\docume~1\patwistt\LOCALS~1\Temp\cpuz.sys [?]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [15. 12. 2010 18:31 13224]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2. 2. 2011 21:23 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe" --> c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [?]
S3 ncvhook;ncvhook;c:\windows\system32\drivers\ncvhook.sys [1. 9. 2009 21:52 6896]
S3 ntportio;ntportio;\??\c:\docume~1\PATOWIST\LOCALS~1\Temp\u\1267129103\ntportio.sys --> c:\docume~1\PATOWIST\LOCALS~1\Temp\u\1267129103\ntportio.sys [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [15. 12. 2010 18:25 150528]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19. 2. 2010 13:37 517096]
S3 trial;trial;\??\c:\docume~1\PATOWIST\LOCALS~1\Temp\Rar$EX00.454\aeq_suxx.sys --> c:\docume~1\PATOWIST\LOCALS~1\Temp\Rar$EX00.454\aeq_suxx.sys [?]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [10. 2. 2011 10:22 10064]
S4 RARfsClientNP;RARfsClientNP; [x]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 23:11]
.
2011-04-18 c:\windows\Tasks\AdobeAAMUpdater-1.0-PATWIST-PATOWIST.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-04-15 15:24]
.
2011-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-02 19:23]
.
2011-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-02 19:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
FF - ProfilePath - c:\documents and settings\PATOWIST\Data aplikací\Mozilla\Firefox\Profiles\f9ppzm5s.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.sk
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: z: {12d2b889-7ccb-0af6-4126-806f13689ed0} - c:\program files\Mozilla Firefox\extensions\{12d2b889-7ccb-0af6-4126-806f13689ed0}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: TinEye Reverse Image Search: tineye@ideeinc.com - %profile%\extensions\tineye@ideeinc.com
FF - Ext: HP Detect: {ab91efd4-6975-4081-8552-1b3922ed79e2} - %profile%\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{8D2223A2-B3C6-4e32-B096-CDD11F628C60} - (no file)
MSConfigStartUp-CTFMON - (no file)
HKLM_ActiveSetup-{A01200FD-FFE0-F397-DE1D-E0D60A450004} - c:\windows\system32\VAC_bypass.exe
AddRemove-0852D05415AB9A4F1EF451E342267F76C776ED2F - c:\progra~1\DIFX\270581355A767BF1\dpinst.exe
AddRemove-0C5EDC3653FED5B121F464339EAC12534D253B25 - c:\progra~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe
AddRemove-EAX Unified - c:\program files\Creative\EAX Unified\Uninst.isu
AddRemove-F064B256B4A20996EA9E333B5E0F14B61AB3333D - c:\progra~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-03 21:17
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Lavasoft Kernexplorer]
"ImagePath"="\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-220523388-776561741-839522115-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F3C873CE-0E72-30A0-5C83-7FDF69233994}\InProcServer32*]
"facgfcjpcikg"=hex:70,61,64,70,6d,6b,6d,6f,62,63,64,63,6d,6c,64,62,6c,6f,66,6c,
6f,6f,6c,65,70,67,6e,6c,62,61,67,63,00,09
"nacgpfbbahokmdjlphcoeccphfac"=hex:64,62,6e,66,6f,61,6b,65,69,6b,69,6c,63,61,
6c,68,6f,67,62,68,70,69,63,61,61,6d,68,64,6e,70,69,6d,6f,69,64,61,6c,62,6d,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1056)
c:\windows\system32\RAinit.dll
c:\windows\system32\RARfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(2212)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
d:\programy\Nokia PC Suite\Nokia PC Suite 6\PhoneBrowser.dll
d:\programy\Nokia PC Suite\Nokia PC Suite 6\PCSCM.dll
d:\programy\Nokia PC Suite\Nokia PC Suite 6\Lang\PhoneBrowser_slk.nlr
d:\programy\Nokia PC Suite\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\WgaTray.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2011-05-03 21:20:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-05-03 19:20
.
Před spuštěním: 557 944 832
Po spuštění: 1 733 746 688
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=8Q171L
.
- - End Of File - - B04F7C7CCC5B666B82792B7C923486EA

Re: Motji: Please check my log

Posted: 03 May 2011 20:32
by PATWIST
When starting the scan in ComboFix I installed the Windows Console, and now when the PC starts up I get a choice of which operating system I want to run. How do I delete that console? :) And Windows updates still cannot be installed :(

OTL LOG #2 (after the fix)

All processes killed
========== OTL ==========
Process explorer.exe killed successfully!
Error: No service named Abel was found to stop!
Service\Driver key Abel not found.
Service 36820 stopped successfully!
Service 36820 deleted successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_USERS\S-1-5-21-220523388-776561741-839522115-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Shockwave Updater not found.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:9D1B94FD deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:ECF54A0E deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:7204B89D deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:2B19EBF3 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:10D98D98 deleted successfully.
========== FILES ==========
C:\WINDOWS\meta4.exe moved successfully.
C:\WINDOWS\System32\x.264.exe moved successfully.
C:\WINDOWS\x2.64.exe moved successfully.
C:\WINDOWS\MOTA113.exe moved successfully.
C:\WINDOWS\System32\rzvqse.dll moved successfully.
C:\Documents and Settings\PATOWIST\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\System32\ezsidmv.dat moved successfully.
C:\Documents and Settings\PATOWIST\Data aplikací\inst.exe moved successfully.
C:\Documents and Settings\PATOWIST\Data aplikací\ezpinst.exe moved successfully.
C:\Documents and Settings\PATOWIST\Data aplikací\34DE.489 moved successfully.
C:\WINDOWS\System32\kywiyxyslvhjvvr.exe moved successfully.
C:\WINDOWS\jqkx_m24.ini moved successfully.
C:\WINDOWS\cgxz-kn16.ini moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\WINDOWS\system32\SET27.tmp moved successfully.
C:\WINDOWS\system32\SET2C36.tmp moved successfully.
C:\WINDOWS\system32\SET430E.tmp moved successfully.
C:\WINDOWS\system32\SET431A.tmp moved successfully.
C:\WINDOWS\system32\SET4323.tmp moved successfully.
C:\WINDOWS\system32\SET4324.tmp moved successfully.
C:\WINDOWS\system32\SET4325.tmp moved successfully.
C:\WINDOWS\system32\SET4328.tmp moved successfully.
C:\WINDOWS\system32\SET4361.tmp moved successfully.
C:\WINDOWS\NV2521684.TMP folder moved successfully.
C:\WINDOWS\NV27401624.TMP folder moved successfully.
C:\WINDOWS\NV33243824.TMP folder moved successfully.
C:\WINDOWS\NV39563184.TMP folder moved successfully.
C:\WINDOWS\NV40564020.TMP folder moved successfully.
C:\WINDOWS\~GLH0000.TMP moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP12F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13BC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP153D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1703.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP188F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1915.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2455.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP247.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27EA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3EA0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP51B7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP53C9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6AB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP899.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP92B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBF4.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI15F.tmp moved successfully.
C:\WINDOWS\Installer\MSI1A1D.tmp moved successfully.
C:\WINDOWS\Installer\MSI1A44.tmp moved successfully.
C:\WINDOWS\Installer\MSI3425.tmp moved successfully.
C:\WINDOWS\Installer\MSI4B9.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\system32\uxt1CC.tmp moved successfully.
C:\WINDOWS\system32\wmploc.dll.tmp moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: PATOWIST
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 695098 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 54509272 bytes
->Google Chrome cache emptied: 5924516 bytes
->Opera cache emptied: 994155 bytes
->Flash cache emptied: 1958155 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3810227 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 65,00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: PATOWIST
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 05032011_212739

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\c7869c90 scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\ec247ad9 scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\HPSLPSVC0000.log not found!

Registry entries deleted on Reboot...

Re: Motji: Please check my log

Posted: 03 May 2011 20:44
by motji
We'll uninstall it afterwards :)

:arrow: If you haven't already, move Combofix to the desktop
-open Notepad
-copy the text from this box into it

Code:


Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"65533:TCP"=-
"52344:TCP"=-
"1620:TCP"=-
"1740:TCP"=-
"7507:TCP"=-
"6180:TCP"=-
"9524:TCP"=-
"4821:TCP"=-
"3885:TCP"=-
"8368:TCP"=-
"5054:TCP"=-
"9870:TCP"=-
"2492:TCP"=-
"1964:TCP"=-
"7462:TCP"=-
"3135:TCP"=-
"7758:TCP"=-
"3703:TCP"=-
"8242:TCP"=-
"3337:TCP"=-
"3368:TCP"=-
"3290:TCP"=-
"1571:TCP"=-
"8741:TCP"=-
"6975:TCP"=-
"5164:TCP"=-
"1695:TCP"=-
"9164:TCP"=-
"2775:TCP"=-
"6102:TCP"=-
"7759:TCP"=-
"5214:TCP"=-
"1509:TCP"=-
"5665:TCP"=-
"9522:TCP"=-
"1821:TCP"=-
"4602:TCP"=-
"6257:TCP"=-
"9366:TCP"=-
"5179:TCP"=-
"3022:TCP"=-
"4257:TCP"=-
"2523:TCP"=-
"6100:TCP"=-
"2726:TCP"=-
"8574:TCP"=-
"6507:TCP"=-
"5928:TCP"=-
"2727:TCP"=-
"6867:TCP"=-
"2711:TCP"=-
"6757:TCP"=-
"1587:TCP"=-
"2759:TCP"=-
"8883:TCP"=-
"2977:TCP"=-
"3664:TCP"=-
"3242:TCP"=-
"6960:TCP"=-
"2854:TCP"=-
"1961:TCP"=-
"6648:TCP"=-
"7882:TCP"=-
"7883:TCP"=-
"9350:TCP"=-
"5367:TCP"=-
"4194:TCP"=-
"3820:TCP"=-
"1851:TCP"=-
"5679:TCP"=-
"6273:TCP"=-
"4883:TCP"=-
"4350:TCP"=-
"8444:TCP"=-
"9257:TCP"=-
"3663:TCP"=-
"5897:TCP"=-
"2803:TCP"=-
"6429:TCP"=-
"4289:TCP"=-
"2476:TCP"=-
"4617:TCP"=-
"7414:TCP"=-
"9225:TCP"=-
"4961:TCP"=-
"6850:TCP"=-
"6886:TCP"=-
"2430:TCP"=-
"9319:TCP"=-
"3444:TCP"=-
"2960:TCP"=-
"4398:TCP"=-

Regnull::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F3C873CE-0E72-30A0-5C83-7FDF69233994}\InProcServer32*]

Driver::
trial

File::
c:\docume~1\PATOWIST\LOCALS~1\Temp\Rar$EX00.454\aeq_suxx.sys 
c:\windows\System32\qeykvoic¨.exe
c:\windows\system32\bjdooocacko.dll
-save the TXT file you created as CFScript.txt on the desktop
-after saving, grab the script you created with the left mouse button and drag it over the Combofix icon, where you drop it:

Image


-after it has been applied, another log will pop up; paste it here

Warning: it may happen that after applying the script and rebooting, Windows will not start; in that case restart again while pressing F8, then choose Last Known Good Configuration

Re: Motji: Please check my log

Posted: 03 May 2011 21:03
by motji
Do you have it saved exactly like this?
CFScript.txt

Re: Motji: Please check my log

Posted: 03 May 2011 21:24
by PATWIST
:lol: After I finished writing my previous post I deleted it again, because I took a closer look and it said not CFSscript but CFScript.

COMBOFIX LOG #2 (after applying the CFScript)

ComboFix 11-05-03.02 - PATOWIST . 05. 2011 22:06:22.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.454 [GMT 2:00]
Spuštěný z: c:\documents and settings\PATOWIST\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\PATOWIST\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
.
FILE ::
"c:\docume~1\PATOWIST\LOCALS~1\Temp\Rar$EX00.454\aeq_suxx.sys"
"c:\windows\system32\bjdooocacko.dll"
"c:\windows\System32\qeykvoic¨.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\PATOWIST\Local Settings\Temporary Internet Files\10506bbe
c:\documents and settings\PATOWIST\Local Settings\Temporary Internet Files\8889633f
c:\windows\System32\qeykvoic¨.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_trial
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-03 do 2011-05-03 )))))))))))))))))))))))))))))))
.
.
2011-05-03 19:27 . 2011-05-03 19:27 -------- d-----w- C:\_OTL
2011-05-03 17:45 . 2011-05-03 18:41 512 ----a-w- C:\PhysicalMBR.bin
2011-05-02 17:47 . 2011-05-02 17:48 -------- d-----w- c:\documents and settings\PATOWIST\Data aplikací\TS3Client
2011-04-27 18:58 . 2011-04-18 17:17 307288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-27 18:58 . 2011-04-18 17:12 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-27 18:58 . 2011-04-18 17:17 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-27 18:58 . 2011-04-18 17:16 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-27 18:58 . 2011-04-18 17:13 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-27 18:58 . 2011-04-18 17:16 102488 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-27 18:58 . 2011-04-18 17:16 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-27 18:58 . 2011-04-18 17:13 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-27 18:57 . 2011-04-18 17:25 40112 ----a-w- c:\windows\avastSS.scr
2011-04-27 18:57 . 2011-04-18 17:25 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-04-27 18:56 . 2011-04-27 18:56 -------- d-----w- c:\program files\AVAST Software
2011-04-27 18:56 . 2011-04-27 18:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-04-17 23:11 . 2011-04-17 23:11 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-04-17 21:59 . 2011-04-17 21:59 -------- d-----w- c:\documents and settings\PATOWIST\Local Settings\Data aplikací\Sunbelt Software
2011-04-17 21:55 . 2011-04-17 21:55 -------- dc-h--w- c:\documents and settings\All Users\Data aplikací\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2011-04-17 01:43 . 2011-04-27 19:37 -------- d-sh--r- c:\windows\system32\rpcnetp
2011-04-15 15:41 . 2011-04-15 15:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\regid.1986-12.com.adobe
2011-04-15 15:33 . 2011-04-15 15:33 -------- d-----w- c:\program files\Adobe Media Player
2011-04-15 14:19 . 2011-04-15 14:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\HP Product Assistant
2011-04-15 14:16 . 2011-04-15 14:20 -------- d-----w- c:\program files\HP
2011-04-14 23:37 . 2011-04-15 00:08 -------- d-----w- c:\documents and settings\PATOWIST\Data aplikací\MyPhoneExplorer
2011-04-14 15:34 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-04-14 15:34 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-04-14 15:34 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-04-14 15:34 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-04-14 15:30 . 2011-04-14 15:30 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-14 15:30 . 2011-04-14 15:30 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-04-14 15:30 . 2011-04-14 15:30 -------- d-----w- c:\program files\OpenAL
2011-04-14 14:10 . 2011-04-15 15:11 7 ----a-w- c:\windows\treeskp.sys
2011-04-14 14:10 . 2011-04-15 15:11 7 ----a-w- c:\windows\sbacknt.bin
2011-04-14 13:10 . 2011-04-14 13:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Avanquest
2011-04-14 13:10 . 2011-04-14 13:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\BVRP Software
2011-04-14 01:14 . 2011-04-17 12:55 253112 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-04-14 01:14 . 2011-04-17 12:55 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-04-14 01:14 . 2011-04-17 12:55 253104 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-04-14 01:14 . 2011-01-08 03:27 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-04-14 01:14 . 2011-01-08 03:27 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-04-14 01:14 . 2011-01-08 03:27 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-14 01:14 . 2011-01-08 03:27 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-04-13 23:02 . 2011-04-13 23:02 -------- d-----w- c:\documents and settings\PATOWIST\Data aplikací\Chirurgie Simulation
2011-04-13 10:20 . 2011-03-16 13:34 2634240 ----a-w- c:\program files\Mozilla Firefox\extensions\{12d2b889-7ccb-0af6-4126-806f13689ed0}\components\71460a96.dll
2011-04-12 15:06 . 2011-04-17 16:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype Extras
2011-04-12 14:57 . 2011-04-12 14:57 -------- d-----w- c:\program files\Common Files\Skype
2011-04-12 14:56 . 2011-04-12 14:57 -------- d-----r- c:\program files\Skype
2011-04-12 14:44 . 2011-04-17 21:12 -------- d-----w- c:\documents and settings\PATOWIST\Data aplikací\ICQ
2011-04-12 14:44 . 2011-04-12 15:29 -------- d-----w- c:\program files\ICQ7.4
2011-04-12 14:22 . 2011-04-12 14:22 -------- d-----w- c:\program files\Opera
2011-04-11 13:03 . 2011-04-11 13:03 -------- d-----w- c:\documents and settings\All Users\Uniblue
2011-04-11 10:27 . 2011-04-11 10:27 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Hagel Technologies
2011-04-10 20:50 . 2011-04-10 23:12 -------- d-----w- c:\documents and settings\PATOWIST\Local Settings\Data aplikací\NFS Underground 2
2011-04-10 19:44 . 2011-04-10 19:44 -------- d-----w- c:\documents and settings\PATOWIST\Local Settings\Data aplikací\Electronic_Arts_Inc
2011-04-10 18:57 . 2011-02-02 19:40 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-04-10 18:57 . 2011-02-02 19:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-09 20:41 . 2011-04-09 20:49 -------- d-----w- c:\documents and settings\PATOWIST\Data aplikací\Mp3tag
2011-04-08 17:28 . 2011-04-08 17:28 -------- d-----w- c:\documents and settings\NetworkService\Data aplikací\TuneUp Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-17 23:11 . 2009-09-16 17:06 15880 ----a-w- c:\windows\system32\lsdelete.exe
2011-03-26 14:09 . 2011-03-26 14:09 1409 ----a-w- c:\windows\QTFont.for
2011-03-04 15:32 . 2011-03-29 19:24 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-03-04 15:28 . 2011-03-29 19:24 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-02-17 17:06 . 2011-03-22 21:01 160560 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-02-17 17:06 . 2011-03-22 21:00 44784 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-02-17 17:06 . 2011-02-17 17:06 122032 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-02-17 17:06 . 2011-02-17 17:06 135472 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2005-10-07 17:14 308224 --sha-r- c:\windows\system32\avisynth.dll
2005-07-14 10:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
2005-06-26 13:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
2005-06-21 20:37 45568 --sha-r- c:\windows\system32\cygz.dll
2005-12-22 18:23 816640 --sha-r- c:\windows\system32\smab.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-03_19.15.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-03-24 18:04 . 2011-05-03 19:46 35088 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
- 2011-03-24 18:04 . 2011-04-16 12:07 35088 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
- 2011-03-24 18:04 . 2011-04-16 12:07 18704 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
+ 2011-03-24 18:04 . 2011-05-03 19:46 18704 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
- 2011-03-24 18:04 . 2011-04-16 12:07 20240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-03-24 18:04 . 2011-05-03 19:46 20240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-05-03 19:45 . 2011-05-03 19:45 10576 c:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2011-05-03 19:45 . 2011-05-03 19:45 11112 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2011-05-03 19:45 . 2011-05-03 19:45 11128 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2011-05-03 19:45 . 2011-05-03 19:45 11136 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2011-05-03 19:45 . 2011-05-03 19:45 11152 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2011-05-03 19:45 . 2011-05-03 19:45 11128 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2011-05-03 19:45 . 2011-05-03 19:45 11144 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2011-05-03 19:45 . 2011-05-03 19:45 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2011-05-03 19:45 . 2011-05-03 19:45 19320 c:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2009-04-04 15:14 . 2009-04-04 15:14 971776 c:\windows\Installer\7ccd7.msp
+ 2011-03-24 18:04 . 2011-05-03 19:46 888080 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-03-24 18:04 . 2011-04-16 12:07 888080 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-03-24 18:04 . 2011-04-16 12:07 272648 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-03-24 18:04 . 2011-05-03 19:46 272648 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
- 2011-03-24 18:04 . 2011-04-16 12:07 922384 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-03-24 18:04 . 2011-05-03 19:46 922384 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-03-24 18:04 . 2011-05-03 19:46 845584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2011-03-24 18:04 . 2011-04-16 12:07 845584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2011-03-24 18:04 . 2011-04-16 12:07 217864 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2011-03-24 18:04 . 2011-05-03 19:46 217864 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2011-03-24 18:04 . 2011-05-03 19:46 159504 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
- 2011-03-24 18:04 . 2011-04-16 12:07 159504 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-05-03 19:45 . 2011-05-03 19:45 609160 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll
+ 2011-05-03 19:45 . 2011-05-03 19:45 118176 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
+ 2011-05-03 19:45 . 2011-05-03 19:45 423784 c:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2011-05-03 19:45 . 2011-05-03 19:45 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2011-05-03 19:45 . 2011-05-03 19:45 350064 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2011-05-03 19:45 . 2011-05-03 19:45 149352 c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2009-04-04 15:10 . 2009-04-04 15:10 2439680 c:\windows\Installer\7cccf.msp
+ 2009-04-04 15:10 . 2009-04-04 15:10 9926144 c:\windows\Installer\7ccc5.msp
+ 2009-04-04 15:09 . 2009-04-04 15:09 2364928 c:\windows\Installer\7ccad.msp
+ 2011-03-24 18:04 . 2011-05-03 19:46 1172240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
- 2011-03-24 18:04 . 2011-04-16 12:07 1172240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
- 2011-03-24 18:04 . 2011-04-16 12:07 1165584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-03-24 18:04 . 2011-05-03 19:46 1165584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-05-03 19:45 . 2011-05-03 19:45 1279848 c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2009-04-04 15:09 . 2009-04-04 15:09 10874880 c:\windows\Installer\7ccb9.msp
+ 2009-04-04 15:08 . 2009-04-04 15:08 343058432 c:\windows\Installer\7cca4.msp
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-04-18 17:25 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony Ericsson PC Companion"="c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-02-28 427008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-04 16120832]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2011-04-17 928496]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-04-18 3460784]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
"Nokia.PCSync"="d:\programy\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 11 (0xb)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RAinit]
2008-07-03 13:12 58704 ----a-w- c:\windows\system32\RAinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-12-15 20:07 1242448 ----a-w- d:\programy\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"mnmsrvc"=3 (0x3)
"Abel"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Steam"=d:\programy\Steam\steam.exe
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" silent loginmode=4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /install
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"VMonitorVMUVC"="c:\program files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
"sdodcoectjloen"=c:\windows\System32\regsvr32.exe /s "c:\windows\system32\bjdooocacko.dll"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SwitchBoard"=c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"qeykvoic¨"=c:\windows\System32\qeykvoic¨.exe
"PCSuiteTrayApplication"=d:\programy\Nokia PC Suite\Nokia PC Suite 6\LaunchApplication.exe -startup
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Programy\\Steam\\steamapps\\patwist\\condition zero\\hl.exe"=
"d:\\Programy\\Steam\\Steam.exe"=
"d:\\Programy\\Steam\\steamapps\\patwist\\dedicated server\\hlds.exe"=
"d:\\Programy\\Steam\\steamapps\\patwist\\dedicated server\\hltv.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Java\\jre1.6.0_01\\launch4j-tmp\\JDownloader.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"d:\\Programy\\totalcmd\\TOTALCMD.EXE"=
"d:\\Games\\Counter Strike 1.6 Non Steam\\hl.exe"=
"d:\\Games\\Counter Strike 1.6 Non Steam\\hlds.exe"=
"d:\\Games\\Counter Strike 1.6 Non Steam\\cstrike.exe"=
"d:\\Games\\stahujem\\OTHERS\\HTML\\Prizee\\Prizee Offline\\serwer_prizee.exe"=
"d:\\Games\\stahujem\\OTHERS\\HTML\\Prizee\\Prizee Offline\\http_prizee.exe"=
"d:\\Games\\Counter Strike 1.6 Non Steam\\hltv.exe"=
"d:\\Programy\\uTorrent\\utorrent.exe"=
"d:\\Programy\\Phone Remote Control\\PhoneRemoteControl.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"d:\\Games\\stahujem\\hack\\Ovladanie PC\\Net Control\\Osa9.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"=
"d:\\Programy\\Unified Remote\\UnifiedRemoteServer.exe"=
"d:\\Games\\stahujem\\hack\\realhack\\aa\\DoS attack by marsmela - posterus.cz DOWN programs\\SuperScan.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Programy\\MyPhoneExplorer\\MyPhoneExplorer.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"d:\\Games\\stahujem\\Software\\Tlaciaren\\setup\\hpznui01.exe"=
"d:\\Programy\\Steam\\steamapps\\patwist\\counter-strike\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [16. 9. 2009 16:43 64288]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5. 1. 2009 10:32 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [27. 4. 2011 20:58 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27. 4. 2011 20:58 307288]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27. 4. 2011 20:58 19544]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12. 8. 2010 14:15 1378040]
R2 RARfsDriver;RemotelyAnywhere Remote File System Driver;c:\windows\system32\drivers\RARfsDriver.sys [8. 10. 2008 23:07 46000]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [4. 3. 2011 17:30 1523008]
R3 ramirr;ramirr;c:\windows\system32\drivers\ramirr.sys [17. 4. 2007 14:00 10168]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [17. 2. 2011 19:06 122032]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [21. 12. 2010 23:58 256512]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [21. 12. 2010 23:58 398720]
R3 xcpip;Ovladač protokolu TCP/IP;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]
R3 xpsec;Ovladač IPSEC;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]
S0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [27. 10. 2007 12:18 155136]
S0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [27. 10. 2007 12:18 5248]
S2 gupdate1c9feeb4d770e2c;Služba Google Update (gupdate1c9feeb4d770e2c);c:\program files\Google\Update\GoogleUpdate.exe [2. 2. 2011 21:23 136176]
S2 NetControl2.AdminHelper;Net Control 2 Administrator. Helper Service.;d:\programy\Hack\Net Control 2\ahs.exe --> d:\programy\Hack\Net Control 2\ahs.exe [?]
S2 RAInfo;RemotelyAnywhere Kernel Information Provider;\??\d:\programy\RemotelyAnywhere\x86\RaInfo.sys --> d:\programy\RemotelyAnywhere\x86\RaInfo.sys [?]
S3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\drivers\BTCamDrv.sys [26. 1. 2008 0:25 219264]
S3 cpuz;cpuz;\??\c:\docume~1\patwistt\LOCALS~1\Temp\cpuz.sys --> c:\docume~1\patwistt\LOCALS~1\Temp\cpuz.sys [?]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [15. 12. 2010 18:31 13224]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2. 2. 2011 21:23 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [12. 8. 2010 14:15 15264]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe" --> c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [?]
S3 ncvhook;ncvhook;c:\windows\system32\drivers\ncvhook.sys [1. 9. 2009 21:52 6896]
S3 ntportio;ntportio;\??\c:\docume~1\PATOWIST\LOCALS~1\Temp\u\1267129103\ntportio.sys --> c:\docume~1\PATOWIST\LOCALS~1\Temp\u\1267129103\ntportio.sys [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [15. 12. 2010 18:25 150528]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19. 2. 2010 13:37 517096]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [10. 2. 2011 10:22 10064]
S4 RARfsClientNP;RARfsClientNP; [x]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 23:11]
.
2011-04-18 c:\windows\Tasks\AdobeAAMUpdater-1.0-PATWIST-PATOWIST.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-04-15 15:24]
.
2011-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-02 19:23]
.
2011-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-02 19:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
FF - ProfilePath - c:\documents and settings\PATOWIST\Data aplikací\Mozilla\Firefox\Profiles\f9ppzm5s.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.sk
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: z: {12d2b889-7ccb-0af6-4126-806f13689ed0} - c:\program files\Mozilla Firefox\extensions\{12d2b889-7ccb-0af6-4126-806f13689ed0}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: TinEye Reverse Image Search: tineye@ideeinc.com - %profile%\extensions\tineye@ideeinc.com
FF - Ext: ReloadEvery: {888d99e7-e8b5-46a3-851e-1ec45da1e644} - %profile%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-03 22:18
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-220523388-776561741-839522115-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(972)
c:\windows\system32\RAinit.dll
c:\windows\system32\RARfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(2160)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
d:\programy\Nokia PC Suite\Nokia PC Suite 6\PhoneBrowser.dll
d:\programy\Nokia PC Suite\Nokia PC Suite 6\PCSCM.dll
d:\programy\Nokia PC Suite\Nokia PC Suite 6\Lang\PhoneBrowser_slk.nlr
d:\programy\Nokia PC Suite\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\RARfsClientNP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\WgaTray.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2011-05-03 22:21:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-05-03 20:21
ComboFix2.txt 2011-05-03 19:20
.
Před spuštěním: 1 230 970 880
Po spuštění: 1 218 539 520
.
- - End Of File - - AC5E970167257DDCE1F71A72EFADAB0A

Re: Motji: Please check my log

Posted: 03 May 2011 21:36
by motji
Something is still hanging on in there. Run AVPTool, preferably overnight, it's a bit of a slowpoke. :roll:

:arrow: Download AVPTool from my signature: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

- Install it according to the guide and run a scan
- Let it disinfect or delete whatever it finds
- The scan may take several hours
- Post the log with the results here

Re: Motji: Please check my log

Posted: 03 May 2011 21:45
by PATWIST
OK, I'll try to start it now, or otherwise tomorrow afternoon. I'll also clean the PC with CCleaner.

Re: Motji: Please check my log

Posted: 03 May 2011 21:46
by motji
Fine, then please post its log and we'll continue from there; something is still sitting in there :?: