New Heur PE virus, please help!!

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

#31 Post by motji »

If you have Windows login passwords, change them.

Let's try something else :)

:arrow: Download AVZ http://z-oleg.com/avz4.zip to your desktop
- extract it so that there is only one folder, avz4
- run AVZ.exe

- click File -> Custom scripts
- paste the following text into the window

Code:

begin
ExecuteStdScr(1);
ExecuteStdScr(3);
RebootWindows(true);
end.
- click Run
- then attach the log here as a zipped attachment
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting your computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

JayB79
Visitor
Posts: 59
Registered: 06 Dec 2009 09:43

#32 Post by JayB79 »

Hello,

I downloaded the program, but every time I tried to do what I was told to do here, it reported an error; Windows terminates the program every time.

#33 Post by motji »

Never mind.
:arrow: Uninstall AVZ
- in the menu File -> Standard script choose option "6"
- click Execute selected scripts, confirm with "Yes"

:arrow: How is the computer behaving now?

#34 Post by motji »

:arrow: Test on www.virustotal.com
c:\programdata\31F8432FC3.sys
C:\Program Files (x86)\AIM\aim.exe

#35 Post by JayB79 »

Hello,

I did everything; no change so far...

VirusTotal results here:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.01.24 -
AhnLab-V3 5.0.0.2 2010.01.23 -
AntiVir 7.9.1.146 2010.01.22 -
Antiy-AVL 2.0.3.7 2010.01.22 -
Authentium 5.2.0.5 2010.01.23 -
Avast 4.8.1351.0 2010.01.24 -
AVG 9.0.0.730 2010.01.24 -
BitDefender 7.2 2010.01.24 -
CAT-QuickHeal 10.00 2010.01.22 -
ClamAV 0.94.1 2010.01.22 -
Comodo 3693 2010.01.24 -
DrWeb 5.0.1.12222 2010.01.24 -
eSafe 7.0.17.0 2010.01.21 -
eTrust-Vet 35.2.7255 2010.01.22 -
F-Prot 4.5.1.85 2010.01.23 -
F-Secure 9.0.15370.0 2010.01.24 -
Fortinet 4.0.14.0 2010.01.24 -
GData 19 2010.01.24 -
Ikarus T3.1.1.80.0 2010.01.24 -
Jiangmin 13.0.900 2010.01.24 -
K7AntiVirus 7.10.952 2010.01.22 -
Kaspersky 7.0.0.125 2010.01.24 -
McAfee 5870 2010.01.23 -
McAfee+Artemis 5870 2010.01.23 -
McAfee-GW-Edition 6.8.5 2010.01.24 -
Microsoft 1.5405 2010.01.24 -
NOD32 4801 2010.01.24 -
Norman 6.04.03 2010.01.24 -
nProtect 2009.1.8.0 2010.01.24 -
Panda 10.0.2.2 2010.01.24 -
PCTools 7.0.3.5 2010.01.24 -
Prevx 3.0 2010.01.24 -
Rising 22.31.06.04 2010.01.24 -
Sophos 4.50.0 2010.01.24 -
Sunbelt 3.2.1858.2 2010.01.23 -
Symantec 20091.2.0.41 2010.01.24 -
TheHacker 6.5.0.9.160 2010.01.24 -
TrendMicro 9.120.0.1004 2010.01.24 -
VBA32 3.12.12.1 2010.01.23 -
ViRobot 2010.1.23.2152 2010.01.23 -
VirusBuster 5.0.21.0 2010.01.23 -
Rozšiřující informace
File size: 3951976 bytes
MD5 : 0c34d6eb26cbfaa5255ea22bd63a746d
SHA1 : 74887e0b7d32abbbc046ffb6720e0971dc53b0cc
SHA256: 7cc7db3dbbfb30a92446597325132a39f9075134898d7e90fb88e3aec83e2df0
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x28C0CC
timedatestamp.....: 0x4B155474 (Tue Dec 1 18:37:56 2009)
machinetype.......: 0x14C (Intel I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2C5564 0x2C5600 6.64 9345dfe1bf0601f8094b62e9a51ad7ff
.rdata 0x2C7000 0x6A2FA 0x6A400 4.95 7c214171a6006ad9ea69c0e0a30970c5
.data 0x332000 0x55EB0 0x49400 2.61 b8c915ded3fc293e743501a072e2ef2f
.rsrc 0x388000 0x4A56C 0x4A600 1.60 8da7011ef21936a79f31184d643f7e2d

( 10 imports )


( 0 exports )
TrID : File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
ssdeep: 98304:foVzFoUleIGlh2P46HxcHZBuiBy4/8SGwQa3Lb4L4Y63j28HErvDHbnj8uAPjx4J:EtOQBo0YfsBIGxJ7
PEiD : -
RDS : NSRL Reference Data Set
-


Soubor 31F8432FC3.sys přijatý 2010.02.23 16:12:31 (UTC)
Výsledek: 0/41 (0%)

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.02.23 -
AhnLab-V3 5.0.0.2 2010.02.23 -
AntiVir 8.2.1.172 2010.02.23 -
Antiy-AVL 2.0.3.7 2010.02.23 -
Authentium 5.2.0.5 2010.02.23 -
Avast 4.8.1351.0 2010.02.23 -
AVG 9.0.0.730 2010.02.23 -
BitDefender 7.2 2010.02.23 -
CAT-QuickHeal 10.00 2010.02.23 -
ClamAV 0.96.0.0-git 2010.02.23 -
Comodo 4036 2010.02.23 -
DrWeb 5.0.1.12222 2010.02.23 -
eSafe 7.0.17.0 2010.02.23 -
eTrust-Vet 35.2.7323 2010.02.23 -
F-Prot 4.5.1.85 2010.02.22 -
F-Secure 9.0.15370.0 2010.02.23 -
Fortinet 4.0.14.0 2010.02.21 -
GData 19 2010.02.23 -
Ikarus T3.1.1.80.0 2010.02.23 -
Jiangmin 13.0.900 2010.02.23 -
K7AntiVirus 7.10.980 2010.02.22 -
Kaspersky 7.0.0.125 2010.02.23 -
McAfee 5900 2010.02.22 -
McAfee+Artemis 5900 2010.02.22 -
McAfee-GW-Edition 6.8.5 2010.02.23 -
Microsoft 1.5406 2010.02.23 -
NOD32 4890 2010.02.23 -
Norman 6.04.08 2010.02.23 -
nProtect 2009.1.8.0 2010.02.23 -
Panda 10.0.2.2 2010.02.22 -
PCTools 7.0.3.5 2010.02.23 -
Prevx 3.0 2010.02.23 -
Rising 22.34.01.03 2010.02.11 -
Sophos 4.50.0 2010.02.23 -
Sunbelt 5694 2010.02.23 -
Symantec 20091.2.0.41 2010.02.23 -
TheHacker 6.5.1.6.206 2010.02.23 -
TrendMicro 9.120.0.1004 2010.02.23 -
VBA32 3.12.12.2 2010.02.23 -
ViRobot 2010.2.23.2198 2010.02.23 -
VirusBuster 5.0.27.0 2010.02.23 -
Rozšiřující informace
File size: 88 bytes
MD5...: f7e0090533aabe2236b4f0a2b3680f8a
SHA1..: c387f3f1d1d2c3880ef97d4c14977304f1bf6108
SHA256: 596a8c08c13bd7ff4a60ea49f6e98b231caf5cb8ae2e777c773ddc945a034041
ssdeep: 3:hl/Vr7tl1XLJn:HXF
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
trid..: MS Flight Simulator Aircraft Performance Info (100.0%)

#36 Post by motji »

Did you run AVZ with administrator rights? If need be, right-click the icon - Run as

#37 Post by JayB79 »

Yes, I did; still the same, it won't start....

One more question: is desktop.ini a virus? It appeared on my desktop.

#38 Post by motji »

No, that is not a virus.
How does the computer look now?

#39 Post by JayB79 »

I'm sorry to keep bothering you, but unfortunately it's still the same: the desktop changes as it pleases, once in a while it gets rearranged, and something also tries to send things through Messenger; now and then some unwanted page appears, as if someone were manipulating it, but it isn't me..

:o :?: :cry:

#40 Post by motji »

Which unwanted page? And when does it appear?
You have a firewall; can you check whether something you don't recognize is allowed in it?

#41 Post by JayB79 »

My firewall is set up by NOD, so hopefully correctly... I think everything is ticked there. But I have a new problem: I can't start Task Manager... can you advise me, please?

Thank you very much; otherwise the problem still persists... I don't know what else to do.

#42 Post by motji »

I'd like to ask for a new log from RSIT :)

#43 Post by JayB79 »

Hello,

I can't get the RSIT log; even when I run the program as administrator, it always says: AutoIT Error - Line -1 Error : Variable used without being declared. But I think it has been doing that from the start..

What should I do?

Thank you very much for your patience.

#44 Post by motji »

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- run it, click Run Scan
- after the scan finishes, paste the contents of the OTL.Txt and Extras.txt logs here

#45 Post by JayB79 »

OTL logfile created on: 3/15/2010 9:12:02 AM - Run 3
OTL by OldTimer - Version 3.1.37.1 Folder = C:\Users\Uživatel\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 66.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 192.70 Gb Free Space | 82.75% Space Free | Partition Type: NTFS
Drive D: | 218.23 Gb Total Space | 213.89 Gb Free Space | 98.01% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 7.44 Gb Total Space | 5.80 Gb Free Space | 77.97% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ASUS
Current User Name: Uživatel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/15 09:11:42 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Downloads\OTL(2).exe
PRC - [2009/12/01 18:38:47 | 003,951,976 | ---- | M] (AOL LLC) -- C:\Program Files (x86)\AIM\aim.exe
PRC - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2009/11/13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/11/13 12:31:12 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009/11/07 01:13:23 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/09/16 10:33:33 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/07/24 18:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/07/24 01:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
PRC - [2009/07/23 01:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/07/07 19:20:56 | 008,493,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/18 23:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/24 05:24:44 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/04/20 19:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/04/02 05:05:34 | 000,098,304 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2008/12/23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/14 04:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/08/14 04:59:52 | 000,100,920 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/08/14 00:21:56 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2007/08/08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe


========== Modules (SafeList) ==========

MOD - [2010/03/15 09:11:42 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Downloads\OTL(2).exe
MOD - [2009/07/14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/11/16 09:12:56 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/07/14 02:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009/07/14 02:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/14 02:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009/07/14 02:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/14 02:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/14 02:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/14 02:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/14 02:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/14 02:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009/07/14 02:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/14 02:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009/07/14 02:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/07/14 02:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009/07/14 02:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009/07/14 02:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/14 02:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/14 02:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009/07/14 02:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009/07/14 02:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2009/07/14 02:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2009/07/14 02:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:64bit: - [2007/08/08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/02/04 08:21:02 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/11/13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/10/25 07:57:21 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
SRV - [2009/07/24 01:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent)
SRV - [2009/07/14 04:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) Služba DTC (Distributed Transaction Coordinator)
SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 21:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009/06/10 21:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/12/08 16:01:58 | 000,533,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008/08/14 04:59:52 | 000,100,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/11/16 09:07:10 | 000,044,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2009/11/16 09:07:04 | 000,169,080 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2009/11/16 09:03:42 | 000,136,584 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009/11/16 08:56:16 | 000,145,336 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,153,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2009/07/14 02:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/14 02:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2009/07/14 02:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2009/07/14 02:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/14 02:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2009/07/14 02:43:13 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2009/07/14 01:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/14 01:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/14 01:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009/07/14 01:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/14 01:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/14 01:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)
DRV:64bit: - [2009/07/14 01:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:64bit: - [2009/07/14 01:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/14 01:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2009/07/14 01:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2009/07/14 01:07:00 | 000,184,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:64bit: - [2009/07/14 01:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/14 01:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/14 01:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2009/07/14 01:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/14 01:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2009/07/14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/14 00:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2009/07/14 00:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2009/07/14 00:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/14 00:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/14 00:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/14 00:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009/07/14 00:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/07/09 04:11:41 | 000,140,800 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/06/19 08:10:40 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2009/06/10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 11:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/26 14:32:37 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/05/22 15:52:29 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/13 02:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/12/08 16:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2007/07/24 19:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 02:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009/06/10 22:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009/06/10 22:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.1.0.19
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/11/07 01:13:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/12/05 16:19:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2009/12/05 13:06:03 | 000,000,000 | ---D | M]

[2010/01/14 15:28:34 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Extensions
[2010/01/14 15:28:34 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2009/12/09 08:36:41 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\enrkx11f.default\extensions
[2009/12/09 08:34:24 | 000,000,000 | ---D | M] (BS Player Toolbar) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\enrkx11f.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2009/07/01 13:22:12 | 000,000,880 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\enrkx11f.default\searchplugins\conduit.xml
[2009/12/04 01:21:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/11/07 01:13:25 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009/11/07 01:13:25 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2009/11/07 01:13:25 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009/11/07 01:13:25 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009/11/07 01:13:25 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010/02/14 22:57:12 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Pomocník pro přihlášení ke službě Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL LLC)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/14 23:52:41 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\AIM
[2010/03/14 12:26:13 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\WMTools Downloaded Files
[2010/03/14 11:57:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie Maker 2.6
[2010/03/14 11:52:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010/03/14 11:23:55 | 000,000,000 | ---D | C] -- C:\rsit
[2010/02/24 07:10:09 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010/02/24 07:10:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010/02/24 07:10:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010/02/24 07:10:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010/02/24 07:10:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010/02/24 07:10:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010/02/24 07:10:04 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010/02/24 07:10:03 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010/02/24 07:09:58 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010/02/24 07:09:57 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010/02/24 07:09:57 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010/02/24 07:09:57 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010/02/24 07:09:57 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010/02/24 07:09:57 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010/02/24 07:09:56 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010/02/14 22:56:13 | 000,000,000 | ---D | C] -- C:\_OTL

========== Files - Modified Within 30 Days ==========

[2010/03/15 09:13:51 | 002,359,296 | -HS- | M] () -- C:\Users\Uživatel\ntuser.dat
[2010/03/14 17:40:11 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/14 17:40:11 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/14 12:26:56 | 000,006,656 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/14 12:02:17 | 000,001,205 | ---- | M] () -- C:\Users\Uživatel\Desktop\DVDVideoSoft Free Studio.lnk
[2010/03/13 17:46:55 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/03/13 17:46:55 | 000,622,660 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010/03/13 17:46:55 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/03/13 17:46:55 | 000,118,810 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010/03/13 17:46:55 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/03/13 17:18:30 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/13 17:18:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/13 17:18:21 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/13 17:17:48 | 005,317,808 | -H-- | M] () -- C:\Users\Uživatel\AppData\Local\IconCache.db
[2010/03/11 21:00:44 | 006,242,076 | ---- | M] () -- C:\Users\Uživatel\Desktop\FSK - untitled1_testclip.mp3
[2010/03/11 01:29:25 | 001,910,277 | ---- | M] () -- C:\Users\Uživatel\Desktop\Current Value feat. Snow____SHY FLAME_f i n a l_MASTER24bit_320k.mp3
[2010/03/09 11:23:46 | 000,001,851 | ---- | M] () -- C:\Users\Uživatel\Desktop\CCleaner.lnk
[2010/02/18 21:00:14 | 000,000,359 | ---- | M] () -- C:\Users\Uživatel\Desktop\Počítač – zástupce.lnk
[2010/02/14 22:57:12 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010/02/14 21:18:14 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/14 12:22:20 | 002,365,504 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2010/03/14 11:53:12 | 000,001,205 | ---- | C] () -- C:\Users\Uživatel\Desktop\DVDVideoSoft Free Studio.lnk
[2010/03/13 17:11:36 | 016,664,328 | ---- | C] () -- C:\Users\Uživatel\Desktop\GEIN and THE CHOSEN - Obey.mp3
[2010/03/13 17:11:36 | 013,694,559 | ---- | C] () -- C:\Users\Uživatel\Desktop\TECHITCH&GEINftJAKES_KillSound_M2_320k.mp3
[2010/03/12 10:14:41 | 006,242,076 | ---- | C] () -- C:\Users\Uživatel\Desktop\FSK - untitled1_testclip.mp3
[2010/03/11 01:29:40 | 001,910,277 | ---- | C] () -- C:\Users\Uživatel\Desktop\Current Value feat. Snow____SHY FLAME_f i n a l_MASTER24bit_320k.mp3
[2010/02/18 21:00:14 | 000,000,359 | ---- | C] () -- C:\Users\Uživatel\Desktop\Počítač – zástupce.lnk
[2010/02/12 10:53:14 | 000,000,088 | RHS- | C] () -- C:\ProgramData\31F8432FC3.sys
[2010/02/12 10:53:13 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009/12/28 14:17:58 | 000,210,456 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2009/12/28 14:17:58 | 000,206,360 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2009/12/28 14:17:58 | 000,198,168 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2009/12/28 14:17:58 | 000,198,168 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2009/12/28 14:17:58 | 000,194,072 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2009/12/28 14:17:58 | 000,026,136 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2009/12/05 11:33:58 | 000,007,651 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\Resmon.ResmonCfg
[2009/12/01 09:24:30 | 000,000,203 | ---- | C] () -- C:\Windows\SysWow64\config.ini
[2009/11/22 10:34:35 | 000,006,656 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/19 09:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 06:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2002/03/17 01:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000079.DLL
< End of report >
