neviem co s tym,prosim pomozte

[ringov]

V nudzovom rezime iba trochu.

[motji]

Pokud se seká i v nouzovém režimu, tak bude na vině spíše HW nebo nějaký konflikt ovladačů .
Odkdy se seká, co jste instaloval?

stáhněte
http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V

[ringov]

Ked som si chcel stiahnut Avast tak mi stiahlo iba 10mb zo 65mb,takisto u Sup.Antispywer.A dost casto ani nenacita stranku hocijaku aj domovskua ked uz nacitava tak 10minut.Nis som nestahoval.----------------------------------------------------------------------------------
CrystalDiskInfo 3.10.0 (C) 2008-2010 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP2 [5.1 Build 2600] (x86)
Date : 2011/04/23 11:24:02

-- Controller Map ----------------------------------------------------------

-- Disk List ---------------------------------------------------------------
(1) MAXTOR 6L020J1 : 20.5 GB [0-0-0, pd1]
(2) WDC WD400BB-60DGA0 : 40.0 GB [1-0-1, pd1]

----------------------------------------------------------------------------
(1) MAXTOR 6L020J1
----------------------------------------------------------------------------
Model : MAXTOR 6L020J1
Firmware : AR1.0400
Serial Number : 661201143392
Disk Size : 20.5 GB (8.4/20.5/----)
Buffer Size : 1818 KB
Queue Depth : 1
# of Sectors : 40132503
Rotation Rate : Unknown
Interface : Parallel ATA
Major Version : ATA/ATAPI-5
Minor Version : ATA/ATAPI-5 T13 1321D version 1
Transfer Mode : Ultra DMA/133
Power On Hours : 6079 hours
Power On Count : 4035 count
Temparature : 58 C (136 F)
Health Status : Good
Features : S.M.A.R.T., AAM
APM Level : ----
AAM Level : 80FEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 253 _20 000000000000 Read Error Rate
03 _83 _81 _20 0000000008B7 Spin-Up Time
04 _94 _94 __8 000000001043 Start/Stop Count
05 100 100 _20 000000000000 Reallocated Sectors Count
07 100 _93 _23 000000000000 Seek Error Rate
09 _91 _91 __1 0000000017BF Power-On Hours
0A 100 100 __0 000000000000 Spin Retry Count
0B 100 100 _20 000000000000 Recalibration Retries
0C _94 _94 __8 000000000FC3 Power Cycle Count
0D 100 100 _23 000000000000 Soft Read Error Rate stab
C2 _78 _73 _42 00000000003A Temperature
C3 __9 __1 __0 000047BE1008 Hardware ECC recovered
C4 100 253 _20 000000000000 Reallocation Event Count
C5 100 100 _20 000000000000 Current Pending Sector Count
C6 100 253 __0 000000000000 Uncorrectable Sector Count
C7 185 185 __0 00000000000F UltraDMA CRC Error Count

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 04 5A 3F FF 00 00 00 10 7E 00 53 32 00 3F 00 00
010: 00 00 51 54 36 36 31 32 30 31 31 34 33 33 39 32
020: 20 20 20 20 20 20 20 20 00 03 0E 35 00 04 41 52
030: 31 2E 30 34 30 30 4D 41 58 54 4F 52 20 36 4C 30
040: 32 30 4A 31 20 20 20 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 0F 00 40 00 02 00 02 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 5F 97 02 64 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0A0: 00 3E 00 15 34 6B 5B 01 40 03 34 69 1A 01 40 03
0B0: 20 7F 00 05 00 00 00 00 FF FE 60 3D 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7A A5

----------------------------------------------------------------------------
(2) WDC WD400BB-60DGA0
----------------------------------------------------------------------------
Model : WDC WD400BB-60DGA0
Firmware : 05.03E05
Serial Number : WD-WCADK4296416
Disk Size : 40.0 GB (8.4/40.0/----)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 78165360
Rotation Rate : Unknown
Interface : Parallel ATA
Major Version : ATA/ATAPI-5
Minor Version : ----
Transfer Mode : Ultra DMA/100
Power On Hours : 3607 hours
Power On Count : 2118 count
Temparature : Unknown
Health Status : Good
Features : S.M.A.R.T., AAM
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 _93 _90 _21 000000000A94 Spin-Up Time
04 _98 _98 _40 000000000895 Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 200 200 _51 000000000000 Seek Error Rate
09 _96 _96 __0 000000000E17 Power-On Hours
0A 100 100 _51 000000000000 Spin Retry Count
0B 100 100 _51 000000000000 Recalibration Retries
0C _98 _98 __0 000000000846 Power Cycle Count
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 200 200 __0 000000000000 Uncorrectable Sector Count
C7 200 253 __0 000000000000 UltraDMA CRC Error Count
C8 200 200 _51 000000000000 Write Error Rate

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF 00 00 00 10 E1 00 02 58 00 3F 00 10
010: 00 00 00 0E 57 44 2D 57 43 41 44 4B 34 32 39 36
020: 34 31 36 00 00 00 00 00 00 03 10 00 00 28 30 35
030: 2E 30 33 45 30 35 57 44 43 20 57 44 34 30 30 42
040: 42 2D 36 30 44 47 41 30 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 02 80 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 B5 70 04 A8 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0A0: 00 3E 00 00 34 69 4B 01 40 03 34 69 08 01 40 03
0B0: 20 3F 00 00 00 00 00 00 00 00 6B 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 38 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1B
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64 A5

[motji]

Stahněte HD tune http://www.slunecnice.cz/sw/hd-tune/
-zvolete poslední záložku Error scan
-dejte skenovat, trvá to kolem hodiny.
-pak napište jestli jste měl nějaká políčka červená

[ringov]

Nemal som ani jedno cervene policko ale som v nudzovom rezime lebo mi nechce nacitat stranky alebo vypyse ze cas na otvorenie stranky vyprsal.Aj teraz vnudzovom nacitavalo asi 10minut.PC ide uz celkom dobre len ten internet.

[motji]

Co Vy s tím pc máte pořád

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
SAVEMBR:0

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

[ringov]

OTL logfile created on: 23.4.2011 20:13:01 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 264,00 Mb Available Physical Memory | 52,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 7,81 Gb Total Space | 1,88 Gb Free Space | 24,08% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 31,14 Gb Free Space | 83,55% Space Free | Partition Type: NTFS
Drive E: | 11,31 Gb Total Space | 9,59 Gb Free Space | 84,72% Space Free | Partition Type: NTFS

Computer Name: TEREZIA | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.04.23 20:12:06 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
PRC - [2011.03.18 20:05:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.03.04 14:37:00 | 000,135,336 | ---- | M] (Avira GmbH) -- D:\Avira\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.29 11:55:44 | 002,676,696 | ---- | M] (PC Tools) -- D:\Firew\PC Tools Firewall Plus\FirewallGUI.exe
PRC - [2010.11.17 10:29:38 | 000,287,024 | ---- | M] (PC Tools) -- D:\Firew\PC Tools Firewall Plus\FWService.exe
PRC - [2009.09.23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- E:\panda\Panda USB Vaccine\USBVaccine.exe
PRC - [2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011.04.23 20:12:06 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
MOD - [2004.08.17 15:48:02 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (ServiceLayer)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.03.04 14:37:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Avira\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.11.17 10:29:38 | 000,287,024 | ---- | M] (PC Tools) [Auto | Running] -- D:\Firew\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
SRV - [2010.09.26 18:11:21 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)


========== Driver Services (SafeList) ==========

DRV - [2011.03.04 14:37:13 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.11.25 10:53:58 | 000,160,448 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2010.11.25 10:42:10 | 000,124,992 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2010.11.24 09:18:16 | 000,089,192 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010.11.17 10:19:50 | 000,249,616 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010.07.08 09:49:10 | 000,057,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdisMP)
DRV - [2010.07.08 09:49:10 | 000,057,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNdis)
DRV - [2008.09.24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007.05.14 10:26:10 | 000,508,288 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004.08.03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2001.08.18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 23:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2001.08.17 23:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001.08.17 23:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001.08.17 23:28:10 | 000,073,279 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_SPKP.sys -- (SpeakerPhone)
DRV - [2001.08.17 23:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001.08.17 23:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001.08.17 23:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001.08.17 23:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001.08.17 23:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001.08.17 23:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2001.08.17 22:50:28 | 000,077,824 | ---- | M] (S3 Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\s3sav4m.sys -- (S3SAVAGE4M)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1957994488-1677128483-854245398-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pobox.sk/
IE - HKU\S-1-5-21-1957994488-1677128483-854245398-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1957994488-1677128483-854245398-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Brothersoft Customized Web Search"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "pobox.sk"
FF - prefs.js..extensions.enabledItems: searchpredict@speedbit.com:1.0.1.0
FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatche ... 60327&qkw="
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 3129
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 3129
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 3129
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 3129


FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.13 10:21:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.05 21:52:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2009.01.25 21:01:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2011.04.13 22:29:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\sa3oy8yh.default\extensions
[2010.09.26 13:10:13 | 000,000,000 | ---D | M] (Brothersoft Community Toolbar) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\sa3oy8yh.default\extensions\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}(2)
[2010.09.26 13:10:13 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\sa3oy8yh.default\extensions\engine@conduit(2).com
[2011.04.10 15:00:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011.03.18 20:05:42 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011.04.05 23:11:11 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.01.01 10:00:00 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.01.01 10:00:00 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010.01.01 10:00:00 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.01.01 10:00:00 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.01.01 10:00:00 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2011.04.22 23:24:32 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1957994488-1677128483-854245398-500\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [00PCTFW] D:\Firew\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1957994488-1677128483-854245398-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1957994488-1677128483-854245398-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1957994488-1677128483-854245398-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1957994488-1677128483-854245398-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKU\S-1-5-21-1957994488-1677128483-854245398-500\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: VIDC.IV41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Unable to start service SrService!
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.04.23 20:11:23 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2011.04.23 18:44:13 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011.04.23 18:44:12 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.04.23 18:44:12 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011.04.23 18:44:12 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011.04.23 18:44:12 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011.04.23 18:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avira
[2011.04.23 18:35:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011.04.23 08:42:03 | 000,000,000 | ---D | C] -- C:\_OTM
[2011.04.23 08:27:15 | 000,000,000 | ---D | C] -- C:\rsit
[2011.04.22 21:48:21 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.04.22 21:41:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.04.22 21:03:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.04.22 19:58:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011.04.22 15:05:00 | 000,218,592 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2011.04.22 15:05:00 | 000,160,448 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2011.04.22 15:04:51 | 000,249,616 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2011.04.22 15:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\PC Tools Firewall Plus
[2011.04.22 15:03:41 | 000,089,192 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys
[2011.04.22 15:03:41 | 000,032,808 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys
[2011.04.22 15:03:40 | 000,057,536 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys
[2011.04.22 15:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011.04.22 15:03:33 | 000,124,992 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys
[2011.04.22 09:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\Textove pomocky
[2011.04.22 00:54:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011.04.22 00:53:54 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011.04.22 00:53:44 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011.04.22 00:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2011.04.21 09:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\Codec Pack - All In 1
[2011.04.21 09:06:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\languages
[2011.04.21 08:46:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Dokumenty\Filmy
[2011.04.20 22:51:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2011.04.20 22:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.04.19 19:26:00 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\Administrator\Plocha\StartUpLite.exe
[2011.04.19 17:29:47 | 000,086,016 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2011.04.19 17:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Quake 3 Arena Demo
[2011.04.18 20:06:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2011.04.18 15:53:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.04.18 15:52:56 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.04.18 15:52:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.04.18 07:48:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2011.04.17 23:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.04.16 22:22:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\PCToolsFirewallPlus
[2011.04.15 09:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Support Tools
[2011.04.15 09:04:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011.04.14 16:36:26 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2011.04.13 10:29:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\_comodo_
[2011.04.13 10:21:38 | 000,249,592 | ---- | C] (COMODO) -- C:\WINDOWS\System32\cssdll32.dll
[2011.04.13 06:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Panda Security
[2011.04.12 09:44:57 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2011.04.12 08:47:09 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011.04.12 08:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Panda Security
[2011.04.11 16:37:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\MindSoft Utilities 2011
[2011.04.10 12:36:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2011.04.10 09:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2011.04.10 07:21:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011.04.10 07:21:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2011.04.09 09:21:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011.04.09 07:25:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011.04.09 06:46:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011.04.08 13:34:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2011.04.08 13:29:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Temp
[2011.04.08 13:29:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2011.04.08 10:04:25 | 004,122,368 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\alcxwdm.sys
[2011.04.08 10:03:41 | 010,528,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.exe
[2011.04.08 10:03:37 | 018,804,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\alsndmgr.cpl
[2011.04.08 10:03:37 | 000,577,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
[2011.04.08 10:03:32 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcupd.exe
[2011.04.08 10:03:32 | 000,217,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcrmv.exe
[2011.04.07 13:22:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2011.04.07 11:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.04.06 15:48:38 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2011.04.06 08:49:29 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.04.05 22:51:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Secunia PSI
[2011.04.05 22:11:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2011.04.05 21:33:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2011.04.05 21:30:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011.04.05 21:28:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.04.05 21:28:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-CZ
[2011.04.04 17:15:57 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011.04.04 15:56:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2011.04.04 15:34:26 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.04.01 10:36:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\XXLGS

========== Files - Modified Within 30 Days ==========

[2011.04.23 20:15:34 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.04.23 20:12:06 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2011.04.23 20:10:33 | 000,000,512 | ---- | M] () -- C:\WINDOWS\tasks\PandaUSBVaccine.job
[2011.04.23 20:10:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.04.23 08:25:29 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\RSIT.exe
[2011.04.22 23:24:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.04.22 23:15:19 | 004,327,458 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
[2011.04.22 22:34:52 | 000,138,056 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.04.22 20:06:21 | 006,299,648 | ---- | M] () -- C:\WINDOWS\sectest.db
[2011.04.22 20:00:42 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011.04.22 20:00:42 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011.04.22 16:24:56 | 000,050,250 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\james008_lama_anti_bx.exe
[2011.04.22 16:05:26 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Default.rdp
[2011.04.22 01:03:56 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.04.22 01:03:56 | 000,428,724 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.04.22 01:03:56 | 000,077,854 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.04.22 01:03:56 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.04.21 21:52:20 | 000,002,176 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.04.21 18:10:01 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011.04.21 09:02:45 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2011.04.21 08:41:17 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.20 22:51:13 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.04.19 19:26:02 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\Administrator\Plocha\StartUpLite.exe
[2011.04.19 14:35:42 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.04.18 20:51:16 | 000,432,267 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110418-210103.backup
[2011.04.18 19:42:10 | 000,000,717 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110418-205115.backup
[2011.04.18 15:53:12 | 000,000,601 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.04.17 10:40:01 | 000,000,632 | ---- | M] () -- C:\WINDOWS\Sof2.INI
[2011.04.14 08:15:01 | 000,000,160 | ---- | M] () -- C:\WINDOWS\y.reg
[2011.04.13 10:21:37 | 000,249,592 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cssdll32.dll
[2011.04.13 09:15:11 | 000,000,583 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - USBVaccine.exe.lnk
[2011.04.10 19:20:57 | 000,000,327 | -HS- | M] () -- C:\boot.ini
[2011.04.10 09:33:19 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Defraggler.lnk
[2011.04.05 23:11:04 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.04.05 21:52:06 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2011.04.05 19:57:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.04.01 10:37:23 | 000,000,134 | ---- | M] () -- C:\WINDOWS\WEBWTR.INI
[2011.04.01 10:37:23 | 000,000,000 | ---- | M] () -- C:\WINDOWS\WEBTRANS.INI

========== Files Created - No Company Name ==========

[2011.04.23 20:15:34 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.04.23 08:25:18 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\RSIT.exe
[2011.04.22 23:14:50 | 004,327,458 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
[2011.04.22 20:04:27 | 006,299,648 | ---- | C] () -- C:\WINDOWS\sectest.db
[2011.04.22 16:24:13 | 000,050,250 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\james008_lama_anti_bx.exe
[2011.04.22 16:05:26 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Default.rdp
[2011.04.20 22:51:13 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.04.18 15:53:12 | 000,000,601 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.04.17 10:36:10 | 000,000,632 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2011.04.14 08:15:01 | 000,000,160 | ---- | C] () -- C:\WINDOWS\y.reg
[2011.04.13 09:15:11 | 000,000,583 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - USBVaccine.exe.lnk
[2011.04.13 09:04:17 | 000,000,512 | ---- | C] () -- C:\WINDOWS\tasks\PandaUSBVaccine.job
[2011.04.10 09:33:19 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Defraggler.lnk
[2011.04.08 10:04:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.04.08 10:03:41 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2011.04.08 10:03:36 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011.04.06 16:53:19 | 000,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.ini
[2011.04.05 21:52:06 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2011.04.05 21:52:06 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2011.04.04 15:34:35 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.04.04 15:34:31 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011.04.01 10:37:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WEBTRANS.INI
[2011.04.01 10:36:28 | 000,000,134 | ---- | C] () -- C:\WINDOWS\WEBWTR.INI
[2011.03.07 05:09:44 | 000,000,174 | ---- | C] () -- C:\WINDOWS\game.ini
[2011.03.06 18:46:44 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011.03.03 09:32:03 | 000,000,779 | ---- | C] () -- C:\WINDOWS\SOFPLAT.ini
[2010.10.19 10:09:02 | 000,172,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\str.sys.vir
[2010.10.19 10:02:19 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010.10.19 10:02:19 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010.10.19 10:02:19 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010.10.19 10:02:18 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010.10.01 17:21:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\LiveBilliards.INI
[2010.09.30 12:53:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2010.09.26 19:45:52 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2010.09.26 13:47:20 | 000,000,180 | ---- | C] () -- C:\WINDOWS\GSdx9.INI
[2010.09.15 03:19:32 | 000,000,684 | ---- | C] () -- C:\WINDOWS\Sof.INI
[2010.09.14 11:01:22 | 000,000,260 | ---- | C] () -- C:\WINDOWS\mgutil_reg.ini
[2010.09.14 11:00:47 | 000,000,044 | ---- | C] () -- C:\WINDOWS\mgutil_win.ini
[2009.12.31 17:27:43 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2009.11.01 18:51:34 | 000,204,857 | ---- | C] () -- C:\WINDOWS\System32\InstallHelp.dll
[2009.11.01 18:51:34 | 000,107,293 | ---- | C] () -- C:\WINDOWS\System32\GMTUninstall.exe
[2009.11.01 17:59:16 | 000,002,064 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009.01.09 19:42:47 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.01.01 19:36:56 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.26 08:28:02 | 000,002,176 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008.07.07 18:19:44 | 000,000,382 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.07.07 18:11:57 | 000,000,376 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2008.07.07 18:00:26 | 000,000,021 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2008.07.07 17:59:14 | 002,417,445 | ---- | C] () -- C:\WINDOWS\System32\Ydsxg.dat
[2008.07.07 17:58:00 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.07.07 17:56:49 | 000,138,056 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.07.07 17:45:28 | 000,001,160 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008.07.07 17:33:30 | 000,000,314 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2008.07.07 17:31:29 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.07.07 17:23:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008.07.07 17:19:01 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2008.07.07 16:21:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.07.07 16:12:32 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.11.02 09:27:46 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:48 | 003,223,552 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2005.10.14 11:56:48 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2005.10.14 11:56:48 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2005.10.14 11:56:48 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2005.10.14 11:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.10.14 11:56:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002.09.20 20:19:36 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001.10.25 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 14:00:00 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 14:00:00 | 000,428,724 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 14:00:00 | 000,077,854 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 14:00:00 | 000,067,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1997.06.14 02:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2010.09.27 01:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2009.11.07 14:54:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\distortum
[2011.02.26 14:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DMCache
[2010.08.02 16:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ESET
[2011.04.08 13:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\IDM
[2011.04.22 15:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PCToolsFirewallPlus
[2010.08.02 17:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TeamViewer
[2011.03.07 10:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Thinstall
[2011.02.26 16:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Toolbar4
[2011.04.06 08:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2010.09.17 17:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ValuSoft
[2011.02.26 13:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\VitySoft
[2010.09.26 13:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ZipGenius
[2011.04.19 14:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2010.09.27 01:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.09.09 11:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2011.03.01 17:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.03.01 18:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2011.04.13 09:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Panda Security
[2010.09.19 10:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SiComponents
[2011.02.26 16:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpeedBit
[2011.04.23 20:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.04.06 09:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2011.04.06 08:49:29 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010.08.02 16:39:07 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011.03.07 12:54:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\~0
[2010.08.02 17:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software
[2011.04.23 20:10:33 | 000,000,512 | ---- | M] () -- C:\WINDOWS\Tasks\PandaUSBVaccine.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2011.02.26 16:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Speedbit

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.02.25 12:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2009.02.26 10:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AdobeUM
[2010.01.04 17:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ArcSoft
[2010.09.27 01:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2009.11.07 14:54:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\distortum
[2010.09.17 13:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DivX
[2011.02.26 14:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DMCache
[2010.08.02 16:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ESET
[2010.08.28 12:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2008.07.07 16:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2011.04.08 13:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\IDM
[2010.09.02 17:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Lavasoft
[2008.07.07 17:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2011.03.06 23:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2008.10.17 10:23:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
[2011.04.21 23:48:57 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2009.01.25 21:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2010.09.17 02:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MSN6
[2011.04.22 15:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PCToolsFirewallPlus
[2011.03.28 22:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2011.03.28 21:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\skypePM
[2010.08.02 17:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2009.11.08 10:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SUPERAntiSpyware.com
[2010.08.02 17:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TeamViewer
[2011.03.07 10:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Thinstall
[2011.02.26 16:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Toolbar4
[2011.04.06 08:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2010.09.17 17:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ValuSoft
[2011.02.26 13:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\VitySoft
[2011.03.06 20:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\vlc
[2011.03.07 10:25:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR
[2010.09.26 13:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ZipGenius

< %APPDATA%\*.exe /s >


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\explorer.exe

< MD5 for: HAL.DLL >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2004.08.03 22:59:08 | 000,081,280 | ---- | M] (Microsoft Corporation) MD5=4AF58CA3425F28FC5E3DB47DC122F722 -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2004.08.03 22:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys
[2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2qfe\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\SoftwareDistribution\Download\9778f8cdabb029412b74f168c04bff53\sp2qfe\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\SoftwareDistribution\Download\1d2803a1f84cfd41d61e509943d67213\sp2gdr\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\SoftwareDistribution\Download\1d2803a1f84cfd41d61e509943d67213\sp2qfe\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\SoftwareDistribution\Download\1d2803a1f84cfd41d61e509943d67213\sp3gdr\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\1d2803a1f84cfd41d61e509943d67213\sp3qfe\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.07.07 17:55:57 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.07.07 17:55:57 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.07.07 17:55:57 | 000,389,120 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.04.22 20:00:42 | 000,016,832 | ---- | M] () -- C:\WINDOWS\system32\amcompat.tlb
[2011.04.21 18:10:01 | 000,002,064 | ---- | M] () -- C:\WINDOWS\system32\d3d8caps.dat
[2011.04.21 21:52:20 | 000,002,176 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2011.04.22 22:34:52 | 000,138,056 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.04.22 20:00:42 | 000,023,392 | ---- | M] () -- C:\WINDOWS\system32\nscompat.tlb
[2011.04.22 01:03:56 | 000,077,854 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2011.04.22 01:03:56 | 000,067,312 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.04.22 01:03:56 | 000,428,724 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2011.04.22 01:03:56 | 000,432,356 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C31F31E6

< End of report >
-------------------------------------------------------------------------------------------OTL Extras logfile created on: 23.4.2011 20:13:01 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 264,00 Mb Available Physical Memory | 52,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 7,81 Gb Total Space | 1,88 Gb Free Space | 24,08% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 31,14 Gb Free Space | 83,55% Space Free | Partition Type: NTFS
Drive E: | 11,31 Gb Total Space | 9,59 Gb Free Space | 84,72% Space Free | Partition Type: NTFS

Computer Name: TEREZIA | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1957994488-1677128483-854245398-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{30837A37-8F9F-4817-8B52-C501B67DC3BE}" = Trust WB-1400T Webcam
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{8398B542-3CC4-44D9-83DF-696CCE70124B}" = Windows Support Tools
"{84975365-177A-42EB-A265-9C9B6DB1FEA1}" = Trust Photo Tools
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9211041B-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-A70000000000}" = Adobe Reader 7.0 - Czech
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Defraggler" = Defraggler
"ie8" = Windows Internet Explorer 8
"InstallShield_{30837A37-8F9F-4817-8B52-C501B67DC3BE}" = Trust WB-1400T Webcam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile
"Mozilla Firefox 4.0 (x86 sk)" = Mozilla Firefox 4.0 (x86 sk)
"PC Tools Firewall Plus" = PC Tools Firewall Plus 7.0
"Quake 3 Arena Demo" = Quake 3 Arena Demo
"WinRAR archiver" = WinRAR

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22.4.2011 17:12:19 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Administrator.exe, verze 2.0.0.4, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 5:30:21 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hijackthis.exe, verze 2.0.0.4, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 12:56:13 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:02:33 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:44:00 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:47:04 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:48:47 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:50:50 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:50:50 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:53:55 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ Application Events ]
Error - 22.4.2011 17:12:19 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Administrator.exe, verze 2.0.0.4, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 5:30:21 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hijackthis.exe, verze 2.0.0.4, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 12:56:13 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:02:33 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:44:00 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:47:04 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:48:47 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:50:50 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:50:50 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.4.2011 13:53:55 | Computer Name = TEREZIA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.0.4094, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 23.4.2011 12:39:14 | Computer Name = TEREZIA | Source = NETLOGON | ID = 3095
Description = Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv
jako člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této konfiguraci.

Error - 23.4.2011 12:39:24 | Computer Name = TEREZIA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL

Error - 23.4.2011 13:18:34 | Computer Name = TEREZIA | Source = NETLOGON | ID = 3095
Description = Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv
jako člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této konfiguraci.

Error - 23.4.2011 13:18:46 | Computer Name = TEREZIA | Source = Service Control Manager | ID = 7000
Description = Služba avgntflt neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 23.4.2011 13:18:46 | Computer Name = TEREZIA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL

Error - 23.4.2011 14:10:27 | Computer Name = TEREZIA | Source = NETLOGON | ID = 3095
Description = Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv
jako člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této konfiguraci.

Error - 23.4.2011 14:10:36 | Computer Name = TEREZIA | Source = Service Control Manager | ID = 7000
Description = Služba avgntflt neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 23.4.2011 14:10:38 | Computer Name = TEREZIA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL

Error - 23.4.2011 14:14:33 | Computer Name = TEREZIA | Source = SRService | ID = 104
Description = Proces inicializace nástroje Obnovení systému se nezdařil.

Error - 23.4.2011 14:14:34 | Computer Name = TEREZIA | Source = Service Control Manager | ID = 7023
Description = Služba Služba obnovení systému byla ukončena s následující chybou:
%%2

[ TuneUp Events ]
Error - 3.3.2011 17:51:03 | Computer Name = TEREZIA | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 3.3.2011 23:35:53 | Computer Name = TEREZIA | Source = TuneUp.UtilitiesSvc | ID = 300
Description =


< End of report >

[motji]

Zkoušel jste už stáhnout ten sp3?

Najděte soubor C:\WINDOWS\y.reg, klikněte na něj pravým myšítkem - otevřít v notepadu a text vložte zde.

Dejte soubor otestovat na http://www.virustotal.com

C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\explorer.exe
C:\PhysicalMBR.bin

-Na virustotalu dáte procházet, a do spodního okénka nakopírujete přímo cestu k souboru a dáte odeslat
-z prohlížeče zkopírujete adresu ke stránce s výsledky
-pokud se Vás zeptá, dejte soubor otestovat znovu, tak aby to byl soubor z Vašeho počítače

[ringov]

Windows Registry Editor Version 5.00o

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ImagePath"="C:\\windows\\system_32.bat"//////////////////http://www.virustotal.com/file-scan/rep ... 1303594359.

[motji]

Tento soubor smažte, jste si nejspíš 14.4. stahl do pc nějaký crack, mám pravdu?
C:\WINDOWS\y.reg

[ringov]

Vo winlogon exe naslo trojan/win32.agent.ha a trojan/win32.patched.gen.Nic som nestahoval s crackom,stahujem iba zo slunecnice.cz a stahuj.centrum.cz.Neviem ze by som stahoval crack.

[motji]

Můžete mi prosím dát odkaz na virustotal, u kterých souborů to vir našlo?

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[ringov]

/www.virustotal.com/file-scan/report.htm ... 1303594359.

[motji]

Ten odkaz mi nefunguje

[ringov]

Prosim pomozte ja tomu vekmi nerozumiem.Ked som pripojeny na internet pise mi tam ze tam je najaka brana ,predtym tam nebola.A je velky prenos dat a je pomalsi internet ,myslim ze niekto sleduje moj internet.Dakujem